CSO Online

Expired domain leads to supply chain attack on node-ipc npm package

Attackers performed an email takeover attack on a dormant maintainer account and published new node-ipc versions containing ...

AI Porting: Claude Rewrites Bun Codebase in Rust

The JavaScript and TypeScript server and bundler Bun will consist of Rust code in the future. Within weeks, Claude Code ...
InfoWorld

AntV data visualization tool the latest to be hit by ongoing npm supply chain attacks

The world’s largest open-source registry, node package manager (npm), has been hit by another fast-moving malware attack, ...
The Caledonian-Record

NodeSource Introduces N|Solid IDE to Solve the Broken Developer Workflow in the AI Era

AI now generates more than 50% of the world’s code, and growing. The tooling that catches what that code breaks in production was not made to keep up with that speed of delivery. NodeSource, the ...

Bun posts Rust porting guide, says rewrite is still half-baked

Bun creator Jarred Sumner has posted a Zig-to-Rust porting guide, igniting speculation that the project may migrate away from Zig, though Sumner said there is no commitment to rewriting, only that he ...

Anthropic’s Bun Rust rewrite merged at speed of AI

A pull request with a Rust version of Anthropic’s Bun, a JavaScript toolkit and runtime originally written in Zig, has been ...
Windows Report

Tycoon2FA Returns With New Microsoft 365 Device-Code Phishing Attacks

Tycoon2FA has returned with new device-code phishing attacks targeting Microsoft 365 users through legitimate OAuth login ...

Tycoon2FA hijacks Microsoft 365 accounts via device-code phishing

The Tycoon2FA phishing kit now supports device-code phishing attacks and abuses Trustifi click-tracking URLs to hijack ...
Tech Times

Streambert Streams Free Movies Via Russia-Linked VidSrc Domains: Hollywood Coalition Already Shut Down Similar App

A desktop app that lets users stream any movie, TV series, or anime for free and without ads hit the top of GitHub’s global ...
Visual Studio Magazine

The Rise of OpenTelemetry in Microsoft Dev Tooling

CNCF graduation, Microsoft tooling updates and cloud-provider support show broader OpenTelemetry adoption across developer platforms.
The Hacker News

Fake OpenAI Privacy Filter Repo Hits #1 on Hugging Face, Draws 244K Downloads

Fake OpenAI Privacy Filter hit #1 on Hugging Face with 244,000 downloads, spreading infostealer malware to Windows users.

Full list of North East DWP vacancies with salaries paying up to £136,000

The Department for Work and Pension is currently hiring across a range of roles in Newcastle and Sunderland ...