InfoQ

Next.js 16.2: 400% Faster Dev Startup, Faster Rendering, and Deeper Tooling for AI Agents

Vercel has released Next.js 16.2, featuring performance enhancements that make development startup 400% faster and rendering ...
The Hacker News

Hades PyPI Attack: 19 Packages Poisoned to Auto-Run Bun Credential Stealer

The Miasma supply chain campaign has sparked a fresh attack wave called Hades, this time involving 37 malicious wheel ...
InfoQ

NodeJS Proposes Built-In Virtual File System, Sparking Debate over AI-Generated Contributions

Matteo Collina has proposed a Virtual File System (VFS) for Node.js core through the node:vfs module. The proposal includes about 19,000 lines of code and addresses common workflow challenges. While ...
Microsoft

Mini Shai Hulud: Compromised @antv npm packages enable CI/CD credential theft

Microsoft has identified an active supply chain attack targeting the @antv node package manager (npm) package ecosystem. A threat actor compromised an @antv maintainer account and published malicious ...
Computerworld

Industry

Compliance chaos: NY regulators see a data breach — then focus on IT errors When a data breach happens, CISOs aren’t the only ones who should be sweating. New York state officials, for example, ...
GitHub

The all-batteries-included GitHub SDK for Browsers, Node.js, and Deno.

Standalone module: @octokit/webhooks When installing an app, events that the app registration requests will be sent as requests to the webhook URL set in the app's registration. Webhook event requests ...
GitHub

pulsar-edit

5 MIT 0 0 0 Updated 6 hours ago pulsar Public A Community-led Hyper-Hackable Text Editor JavaScript 4,068 189 260 (2 issues need help) 63 Updated 6 hours ago node-pathwatcher Public Forked from ...