CodeZineは、株式会社翔泳社が運営するソフトウェア開発者向けのWebメディアです。「デベロッパーの成長と課題解決に貢献するメディア」をコンセプトに、現場で役立つ最新情報を日々お届けします。

Developer platform Socket says a malware called TrapDoor is targeting crypto and AI developers across npm, PyPI and Crates, aiming to steal crypto wallet info and browser data.

It's easy to use and offers endless automations ...

The eight-part podcast series from the producers of People Who Knew Me will also star Hannah Waddingham, Maisie Williams and Alison Steadman ...

Hulud payload to steal CI/CD secrets from Linux-based automation environments. The malware executes during npm install and ...

Microsoft Threat Intelligence has uncovered an active supply chain attack involving malicious npm packages registered under organizational scopes that mirror real internal corporate namespaces, ...

Altera, the industry’s largest pure-play FPGA solutions provider, today announced it is working with the Defense Innovation ...

The world’s largest open-source registry, node package manager (npm), has been hit by another fast-moving malware attack, ...

At the launch, KPMG also unveiled its Trusted AI Assurance offering that is aligned with relevant international standards and frameworks to mitigate risk and build trust in AI deployment. This ...

GlassWorm poisoned 300 GitHub repositories since 2025, enabling supply chain attacks against developers and organizations.

We think of data volumes in adjectives, not numbers. This leads to architectures with phantom dimensions and blocks the ...

JavaScript開発で広く使われているパッケージ管理サービスのnpmに、公開前の確認手順を追加する「段階的リリース」が導入されました。従来のnpmでは、公開権限を持つユーザーや自動化システムがパッケージを公開するとパッケージがnpmレジストリにすぐ反映される仕組みでした。段階的リリースではパッケージをいったん公開待ち領域に置き、メンテナーが内容を確認して承認してから一般公開される流れになります ...