Mastra npm packages added easy-day-js malware, exposing developer systems and CI runners to infostealer risks.

CVE Lite CLI helps developers quickly identify and fix vulnerable npm dependencies during development, reducing delays and ...

Cloudflare VoidZero acquisition gives a competing CDN governance of Vite, the open source JavaScript build tool with 130 ...

A poisoned npm package infected 140+ projects with a hidden payload. This report highlights how to detect, hunt, and defend ...

Researchers at Cyera found six vulnerabilities in prtobuf.js, including a flaw that can turn attacker-controlled schema data ...

Eight innovative tools that are reimagining web applications and how we build them. Welcome to the Great Unbloating.

I gave Claude access to my Home Assistant. It helped me audit, debug, and improve my smart home better than I ever could have ...

Acquisition brings Vite, the world’s leading JavaScript build tool, and its core open source team to Cloudflare Cloudflare commits $1 million to an independent Vite ecosystem fund to support open sour ...

If reinstalling software feels repetitive, these tools have some ideas.

Home Assistant Android update 2026.6.2 beta patches a URI intent-hijacking vulnerability that could let attackers reach ...

I built the test company in about 10 hours and the app itself in roughly 30—all through conversation with an AI, no ...