Red Hat hit by npm supply‑chain attack - here's how to stay safe

Days after IBM and Red Hat announced a master security plan for open-source software, Red Hat suffers a major breach of its ...

Chrome for macOS soundly beats browser benchmark records

Google has set new browser performance records for Chrome following a year of improvements, with the latest results made ...
InfoQ

Next.js 16.2: 400% Faster Dev Startup, Faster Rendering, and Deeper Tooling for AI Agents

Vercel has released Next.js 16.2, featuring performance enhancements that make development startup 400% faster and rendering ...

Cloudflare acquires VoidZero, maker of the Vite JavaScript toolchain

Cloudflare Inc. today said it has acquired VoidZero Inc., the open-source company behind Vite and the widely used JavaScript ...
Tech Times

Fake Claude Code Installers on 32 Live Sites Steal Developer API Keys via Google Ads

Fake Claude Code installer malware used Google Ads to place spoofed AI tool pages above real documentation since March 2026.
Dark Reading

DriveSurge Hijacks Thousands of Sites for ClickFix, FakeUpdate Attacks

A sneaky IAB operation uses a malicious traffic distribution system (TDS) to redirect visitors of trusted websites to ones ...

4 weeks. 3 deals. How Dun & Bradstreet aims to be the AI industry's linchpin

The century-old Jacksonville firm is betting big on becoming what executives call a "context window" for enterprise AI systems. That means rethinking how customers access its data and who those ...

Attack on GitHub.dev steals OAuth token for all repos

The web version of the VS Code editor on GitHub.dev had a security vulnerability that allowed attackers to take over all of a ...

AI needs a 'brake pedal', warns Anthropic co-founder

Jack Clark tells BBC's Newsnight AI could get to the point where it develops without human input.

The World Cup and the world tax – How you may accidentally become a U.S. fiscal resident

In all cases, you should be aware of the U.S. tax rules governing your presence and activities in the United States. A ...
Bleeping Computer

Credit card theft campaign abuses Stripe to host stolen payment info

A new Magecart campaign is using Stripe's API infrastructure to host the credit card-stealing payload and the data exfiltrated from checkout pages. The entire malicious activity relies on Google Tag ...
The Hacker News

FlutterShell Backdoor Spreads to macOS via Malicious Google and YouTube Ads

Operation FlutterBridge is a macOS malvertising campaign spreading FlutterShell, a Flutter-based backdoor with adware ...