Google on Wednesday published exploit code for an unfixed vulnerability in its Chromium browser codebase that threatens ...

CVE Lite CLI helps developers quickly identify and fix vulnerable npm dependencies during development, reducing delays and ...

On April 29, 2026, someone slipped malicious code into four widely used SAP software packages. Within days, the infection had spread to at least 169 packages across the npm registry, the world’s ...

The Mitiga disclosure is the most recent, but it is not the first time Claude Code’s configuration model has created a ...

VS Code flaw exposes GitHub OAuth tokens via one-click attack on GitHub.dev, enabling private repo access and token theft.

Vercel has released Next.js 16.2, featuring performance enhancements that make development startup 400% faster and rendering ...

A dependency confusion campaign leveraged 33 malicious npm packages to collect reconnaissance data from developer and build environments. This report details the attack chain, observed tradecraft, and ...

Claude Code plugins now have an official Anthropic-managed directory at github.com/anthropics/claude-plugins-official, consolidating 30-plus internal and 15 vetted external Claude Code extensions behi ...

Everyone should be using this feature.

Microsoft released Visual Studio Code 1.123 on June 3, adding agent-focused features, larger model context support, integrated browser updates and a new delay for some automatic extension updates.

Learn how to migrate from Auth0 to Ory. Export users, import identities, swap SDKs, and migrate social logins.

The list below isn't meant to be exclusive, it's more so a collection of links that have helped me out along the way (and can hopefully help you). As you'll see, I've focused on JavaScript, React, and ...