The open-source project npmx is used for fast searching of npm packages. It focuses on UX, displays vulnerability warnings, and offers a dark mode.

Late in 2025, we covered the development of an AI system called Evo that was trained on massive numbers of bacterial genomes. So many that, when prompted with sequences from a cluster of related genes ...

Endor Labs launches AURI, a free security platform that embeds directly into AI coding assistants like Cursor and Claude to ...

Vercel has launched "react-best-practices," an open-source repository featuring 40+ performance optimization rules for React and Next.js apps. Tailored for AI coding agents yet valuable for developers ...

Google API keys for services like Maps embedded in accessible client-side code could be used to authenticate to the Gemini AI ...

UTSA: ~20% of AI-suggested packages don't exist. Slopsquatting could let attackers slip malicious libs into projects.

Linked to North Korean fake job-recruitment campaigns, the poisoned repositories are aimed at establishing persistent C2 ...

Researchers have exposed OpenAI's covert Persona watchlist, active since 2023, screening users for government agencies via 53 ...

A developer-targeting campaign leveraged malicious Next.js repositories to trigger a covert RCE-to-C2 chain through standard ...

Anthropic has launched Claude Code Security, an AI vulnerability scanner that found 500+ undetected bugs, plus desktop automation and GitHub PR auto-merge.

Bruno, Fx, ActivityWatch, DDEV, and TLDR Pages are all dev tools that you should try out because they're much better than ...

The ActiveState catalog grew to 40 million components in mid 2025 when it introduced coverage for Java and R in addition to Python, Perl, Ruby, and Tcl. As of January 2026, the company has expanded ...