PhantomRaven attack floods npm with credential-stealing packages

An active campaign named 'PhantomRaven' is targeting developers with dozens of malicious npm packages that steal authentication tokens, CI/CD secrets, and GitHub credentials.

New Chrome Devtools MCP Makes AI Web Development Even Easier

Learn how Chrome DevTools MCP transforms web development with dynamic features like live JavaScript execution & precision ...
Opinion
Database Trends and ApplicationsOpinion

Harper Open Sources its Composable Application Platform

Harper announced it will open source its core technology, a composable full-stack web application platform-aiming to support wider Node.js developer adoption of its platform, drive innovation at the ...

Bun 1.3 stuffs everything and kitchen sink into JS runtime

Version 1.3 of the Bun JavaScript runtime and toolkit has landed, pushing forward the project's goal to consolidate ...

Google DeepMind Gemini CLI 3.0 & GenKit Powerful Extension Framework

Gemini CLI 3.0 is setting a new standard for developer tools. From the seamless integration of reusable prompts to the ...
The Hacker News

North Korean Hackers Combine BeaverTail and OtterCookie into Advanced JS Malware

The North Korean threat actor linked to the Contagious Interview campaign has been observed merging some of the functionality ...

Anthropic’s Claude Code is now available on the web for its Pro and Max users

Claude Code is Anthropic’s AI coding assistant designed to help developers fix bugs, refactor code, or even write complete ...

North Korean Hackers Deploy Blockchain-Based Tools in Expanding Global Cyber Campaign

North Korean hackers expand cyber campaigns using blockchain-based malware to steal cryptocurrency and evade detection, ...
InfoWorld

The best new features in Java 25

JDK 25 brings powerful new features to Java and JVM developers. Here are seven new or updated features that could convince ...