Microsoft officially announced TypeScript 7.0 Beta on April 21, 2026. The company says TypeScript 7.0 is often 10 times faster than 6.0. The beta ships through @typescript/native-preview@beta and tsgo ...

Multiple SAP npm packages were compromised in a supply chain attack designed to steal developer credentials and tokens.

VS Code extensions since Dec 21, 2025 fuel GlassWorm v2, installing cross-IDE malware and stealing credentials.

The threat actor seeding the Open VSX code marketplace with fraudulent extensions that download the GlassWorm malware has ...

Researchers say the campaign targeted developer credentials and cloud secrets while abusing trusted publishing and AI coding ...

Several npm packages for SAP's cloud application development ecosystem have been compromised as TeamPCP's supply chain ...

Say “publish this as a website” and your AI agent handles the rest: it builds the file, uploads it, and hands you a ...

Claude Opus commit added malicious npm dependency in Feb 2026, enabling crypto theft and persistent RAT access.

A new report from ReversingLabs identified a new tactic by North Korean hackers: feeding malicious code to the AI systems ...

We tested Clym's free, open-source accessibility testing suite. An honest review of what it covers, how it works, and whether ...

Chainguard, the trusted source for open source, today announced a partnership with Cursor, the leading multi-model AI coding platform, to secure the next generation of agentic software development.