Webpack's 2026 roadmap, led by Even Stensberg, unveils substantial enhancements aimed at modernizing the bundler. Key features include native CSS module support, universal compilation for various ...

New attack waves from the ‘PhantomRaven’ supply-chain campaign are hitting the npm registry, with dozens of malicious packages that exfiltrate sensitive data from JavaScript developers. The campaign ...

In November 2025, Gartner formalized a new security category — Exposure Assessment Platforms — evaluating 20 vendors on their ability to continuously identify and prioritize The post What Is an ...

Powered by the TypesScript-native runtime Bun, Electrobun improves Electron with a smaller application footprint and built-in update mechanisms. Ever since Electron’s first release, developers have ...

Hackers have a new tool called ClickFix. The new attack vector combines fake human-verification prompts with malware, trying to trick users into running Terminal commands that bypass macOS security.

Scammers are using cloned versions of popular AI coding tools to spread info-stealing malware through fake installation ...

Users of Google Chrome on Windows, Mac, and Linux are urged to update their browsers following a high-severity security ...

An initiative within the JavaScript community is attempting to offer an alternative to the way developers view npm packages via the web. The project is ...

Malicious Chrome extensions tied to ownership transfers push malware and steal data, exposing thousands to credential theft and system compromise.

Marketeam.ai is building the first Integrated Marketing Environment (IME) - think of it like an IDE for marketing, but proactive. Instead of fragmented tools and dashboards, it runs marketing as a ...

One IDE to rule them all. You won't want to use anything else.

IntroductionThreat actors often take advantage of major global events to fuel interest in their malicious activities. Zscaler ThreatLabz is diligently tracking a surge in cybercriminal activity that ...