New PhantomRaven NPM attack wave steals dev data via 88 packages

New attack waves from the 'PhantomRaven' supply-chain campaign are hitting the npm registry, with dozens of malicious packages that exfiltrate sensitive data from JavaScript developers.
CoinDesk

Crypto code commits fall 75% as developers move to AI projects

Blockchain ecosystems are losing developers across the board while artificial intelligence projects dominate growth on GitHub, the world’s largest platform for hosting and collaborating on software ...

Coding in 2026 Shifts Toward Design and AI Agent Oversight

Coding in 2026 shifts toward software design and AI agent management; a six-month path covers Git, testing, and security ...

Web framework: Astro 6.0 experiments with new Rust compiler

An experimental Rust compiler is intended to replace the previous Go compiler, and the Astro dev server now supports custom runtimes.

How Microsoft is simplifying keyboard accessibility for complex websites

Microsoft’s focusgroup tool is now available for early testing in Edge browsers ...
TechJuice

Hackers Exploit npm Supply Chain to Gain AWS Admin Access

Hackers exploited a compromised npm package to breach cloud systems and gain full AWS administrator access within 72 hours.
Cybernews

Who owns your Chrome extension? Researchers warn side projects are being turned into malware

Many Chrome extensions start as small developer projects, and once they gain users, are sold on. But what if the new owner turns out to be a bad actor who gains the ability to update software running ...