Fireship on MSN

Why Anthropic's purchase of Bun surprised everyone

In a surprise twist, Anthropic has acquired Bun, the popular JavaScript runtime, igniting discussions within the developer ...
Microsoft

Preinstall to persistence: Inside the Red Hat npm Miasma credential-stealing campaign

Microsoft Threat Intelligence identified a large-scale npm supply chain attack affecting 32 maliciously modified packages across more than 90 versions under the ...
theregister

Anthropic’s Bun Rust rewrite merged at speed of AI

A pull request with a Rust version of Anthropic’s Bun, a JavaScript toolkit and runtime originally written in Zig, has been merged to the main Bun repository. This comes just days after its author, ...
The Hacker News

IronWorm and New Miasma Worm Variant Hit npm in Supply Chain Attacks

Multiple npm supply chain attacks used 50+ poisoned packages to spread IronWorm, a Rust-based stealer, and a Miasma worm ...
GitHub

Incredibly fast JavaScript runtime, bundler, test runner, and package manager – all in one

Incredibly fast JavaScript runtime, bundler, test runner, and package manager – all in one - oven-sh/bun ...
GitHub

Update Bun runtime description from Zig to Rust # 30746

Customer stories Events & webinars Ebooks & reports Business insights GitHub Skills ...
Microsoft

Typosquatted npm packages used to steal cloud and CI/CD secrets

Microsoft has identified an active supply chain attack targeting the npm package ecosystem. On May 28, 2026, a single threat actor operating under the newly created maintainer alias vpmdhaj (a39155771 ...