Vercel has released Next.js 16.2, featuring performance enhancements that make development startup 400% faster and rendering ...

Founded by Evan You, VoidZero was created with the goal of building a unified, high-performance JavaScript toolchain. Rather than focusing on a single framework, the ...

Red Hat hit by npm supply‑chain attack - here's how to stay safe ...

完全跑偏的那一半：前端工作的天花板，不是切页面。 前端真正值钱的能力——异步流程设计、流式体验优化、交互状态管理、组件化工程思维——这些 AI 一个都学不会。而这些能力，恰好是 AI Agent 应用开发最核心的竞争力。

A dependency confusion campaign leveraged 33 malicious npm packages to collect reconnaissance data from developer and build environments. This report details the attack chain, observed tradecraft, and ...

Developer platform Socket says a malware called TrapDoor is targeting crypto and AI developers across npm, PyPI and Crates, aiming to steal crypto wallet info and browser data.

Abstract: One of the more interesting developments recently gaining popularity in the server-side JavaScript space is Node.js. It's a framework for developing high-performance, concurrent programs ...

If the prerequisites are met, attackers can break out of the vm2 sandbox on a Node.js instance and execute malicious code. A proof-of-concept exploit is public, but so far there are no reports of ...

As the Wasmer team explains the reasons behind the new runtime, Node.js has two difficulties: it is tied to V8 as the only JavaScript engine and cannot securely execute workloads without ...

Node.js has released updates to fix what it described as a critical security issue impacting "virtually every production Node.js app" that, if successfully exploited, could trigger a denial-of-service ...

在宣布此次收购的同时，Anthropic 也表示，今年 11 月，Claude Code 在面向公众开放仅 6 个月后，就实现了年化营收突破 10 亿美元的里程碑。 当地时间 12 月 2 日，Anthropic 宣布收购了热门开发者工具初创公司 ...