‘TrapDoor’ malware targets crypto dev tools in supply chain attack

Developer platform Socket says a malware called TrapDoor is targeting crypto and AI developers across npm, PyPI and Crates, aiming to steal crypto wallet info and browser data.

Node.js 26.2.0がリリース、fsやhttp機能強化など

CodeZineは、株式会社翔泳社が運営するソフトウェア開発者向けのWebメディアです。「デベロッパーの成長と課題解決に貢献するメディア」をコンセプトに、現場で役立つ最新情報を日々お届けします。

AIエージェントがChromeを操作するデバッグツール「Chrome DevTools for ...

米Googleは5月19日(現地時間)、コーディングAIエージェントからChromeを操作できるようにする「Chrome DevTools for agents 1.0」をリリースした。「Chrome DevTools ...
CSO Online

Google leaks details for Chromium bug that can turn browsers into bots

Reported over three years ago and allegedly still not properly fixed, the vulnerability enables attacks to execute JavaScript ...
InfoWorld

AntV data visualization tool the latest to be hit by ongoing npm supply chain attacks

The world’s largest open-source registry, node package manager (npm), has been hit by another fast-moving malware attack, ...
CSO Online

Expired domain leads to supply chain attack on node-ipc npm package

Attackers performed an email takeover attack on a dormant maintainer account and published new node-ipc versions containing ...

Anthropic’s Bun Rust rewrite merged at speed of AI

A pull request with a Rust version of Anthropic’s Bun, a JavaScript toolkit and runtime originally written in Zig, has been ...
Moneyweb

Durban’s Devmco takes over from Tongaat to develop R20bn Sibaya precinct

Durban-based property developer Devmco Group has officially become the ‘master developer’ leading the multibillion-rand ...