Malicious Lightning 2.6.2/2.6.3 released April 30 enable credential theft via hidden payload, leading to PyPI quarantine and ...

Cross-platform game engine GameMaker has unveiled a major update centred on the launch of its new GameMaker Runtime (GMRT).

The popular game engine GameMaker continues advancing, with a new GMRT runtime that will give developers source access and ...

Multiple official SAP npm packages were compromised in what is believed to be a TeamPCP supply-chain attack to steal ...

SAP npm packages poisoned on April 29, 2026 + AES-256-GCM encrypted credential theft + AI coding tools abused for spread.

ThreatDown’s EDR team discovered a sophisticated, multi-stage attack chain during an active investigation; the first documented case of attackers abusing the Deno runtime as a malware execution ...

Earn these JavaScript certs to demonstrate mastery of the most in-demand skills for the world’s most-used programming ...

Bun, acquired by Anthropic in December 2025, is both a bundler for compiling TypeScript or JavaScript applications for the ...

Harper, the unified runtime for agentic engineering, today announced the release of Harper 5.0. The release makes the platform's core fully open-source under ...

A supply-chain attack affecting Axios, the popular JavaScript library, traced back to DPRK threat activity. (Image: Shutterstock) A supply-chain attack that compromised versions of Axios to distribute ...

ThreatDown, the corporate business unit of Malwarebytes, today published research documenting what researchers believe to be the first documented case of attackers abusing the Deno JavaScript runtime ...