Development Tools for JavaScript

SAP npm package attack highlights risks in developer tools and CI/CD pipelines

Researchers say the campaign targeted developer credentials and cloud secrets while abusing trusted publishing and AI coding ...

TuxCare’s Senior Developer Advocate To Speak at JAX 2026

PALO ALTO, CA, UNITED STATES, April 30, 2026 /EINPresswire.com/ -- TuxCare, a global innovator in securing open source, ...

Pocket Gamer.biz

GameMaker launches new runtime to enable larger-scale development workflows

Cross-platform game engine GameMaker has unveiled a major update centred on the launch of its new GameMaker Runtime (GMRT).

ADTmag

Salesforce Opens Beta for React-Based App Development on Its Platform

Salesforce is opening its platform to React developers. The Multi-Framework beta lets developers build native Salesforce apps with React while using Salesforce authentication, security, governance, ...

Runpod launches Flash to bring AI inference to developers without infra overhead

Developer-centered artificial intelligence cloud provider Runpod Inc. today announced the launch of Flash, a software ...

GovInfoSecurity

Socket Buys Secure Annex to Expand Supply-Chain Visibility

Socket’s acquisition of Secure Annex extends software supply-chain security beyond open-source dependencies into browser and ...

Dark Reading

TeamPCP Hits SAP Packages With 'Mini Shai-Hulud' Attack

Several npm packages for SAP's cloud application development ecosystem have been compromised as TeamPCP's supply chain ...

GamingOnLinux

GameMaker is launching GMRT, a new modern runtime with source access

The popular game engine GameMaker continues advancing, with a new GMRT runtime that will give developers source access and ...

The Hacker News

EtherRAT Distribution Spoofing Administrative Tools via GitHub Facades

GitHub facades and Ethereum smart contracts power a March 2026 admin-targeted campaign, enabling resilient C2 rotation and ...

The Hacker News

PyTorch Lightning and Intercom-client Hit in Supply Chain Attacks to Steal Credentials

Malicious Lightning 2.6.2/2.6.3 released April 30 enable credential theft via hidden payload, leading to PyPI quarantine and ...

Firefox maker torches Google for building Prompt API into browser

Mozilla has reiterated its opposition to Google's decision to build AI plumbing into its Chrome browser, though rather ...

Some results have been hidden because they may be inaccessible to you

Show inaccessible results