Anthropic bakes memory fixes into Bun 1.1.13 as developers complain of leaks

But perhaps most important is the attention to memory issues in this release. Bun inventor Jared Sumner claims that the ...
HHS

Backdooring of JavaScript Library Axios Tied to North Korea

A supply-chain attack affecting Axios, the popular JavaScript library, traced back to DPRK threat activity. (Image: Shutterstock) A supply-chain attack that compromised versions of Axios to distribute ...

Bitwarden CLI npm package compromised to steal developer credentials

The Bitwarden CLI was briefly compromised after attackers uploaded a malicious @bitwarden/cli package to npm containing a credential-stealing payload capable of spreading to other projects.

Claude Code cache chaos creates quota complaints

Anthropic last month reduced the TTL (time to live) for the Claude Code prompt cache from one hour to five minutes for many requests, but said this should not increase costs despite users reporting ...
InfoWorld

Is your Node.js project really secure?

Node.js does not need more theatrical security output. It needs better developer workflow infrastructure. It needs tools that ...

Do not fall for this fake Windows update support site. It’s spreading a password-stealing malware

Malwarebytes warns that a fake Microsoft support site is distributing password-stealing malware through a spoofed Windows update installerThe Latest Tech News, Delivered to Your Inbox ...

Cloudflare And OpenAI Launch Agent Cloud For Enterprises

Cloudflare expands Agent Cloud with OpenAI GPT-5.4 integration and isolate-based Dynamic Workers, challenging containers as ...
TechJuice

GlassWorm Escapes JavaScript Sandbox to Silently Spread Across Developer Tools

GlassWorm malware uses a Zig-based dropper to infect developer tools, stealing data and spreading across IDEs.

Claude Code unintentionally open source: Source map reveals all

The source code of Anthropic's CLI tool Claude Code was accidentally made publicly accessible via a source map in the npm registry.