Cloudflare acquires VoidZero, maker of the Vite JavaScript toolchain

Cloudflare Inc. today said it has acquired VoidZero Inc., the open-source company behind Vite and the widely used JavaScript ...
MSN on MSN

This JavaScript risk could cost developers dearly

Recently, npm, the essential package manager used by developers worldwide, suffered a massive supply chain attack. This ...
The Hacker News

144 Mastra npm Packages Compromised via Hijacked Contributor Account

Mastra npm packages added easy-day-js malware, exposing developer systems and CI runners to infostealer risks.
The Hacker News

Hades PyPI Attack: 19 Packages Poisoned to Auto-Run Bun Credential Stealer

The Miasma supply chain campaign has sparked a fresh attack wave called Hades, this time involving 37 malicious wheel ...
Tech Times

Cloudflare Buys VoidZero: Vite’s 130M Weekly Users Get a New Vendor-Neutrality Pledge

Cloudflare VoidZero acquisition gives a competing CDN governance of Vite, the open source JavaScript build tool with 130 ...
Microsoft

From package to postinstall payload: Inside the Mastra npm supply chain compromise

A poisoned npm package infected 140+ projects with a hidden payload. This report highlights how to detect, hunt, and defend ...
InfoWorld

Protocol Buffers schemas expose remote code execution risk

Researchers at Cyera found six vulnerabilities in prtobuf.js, including a flaw that can turn attacker-controlled schema data ...

New Shai-Hulud attack trojanizes 19 science-focused PyPI packages

Hackers compromised 19 packages on the PyPI, collectively downloaded hundreds of thousands of times, in a new Shai-Hulud ...

Cloudflare Acquires VoidZero to Build the Future of the AI-Native Web

Cloudflare, Inc. (NYSE: NET), the leading connectivity cloud company, today announced it has acquired VoidZero, the open source-first company behind the next-generation JavaScript tooling ecosystem ...
Analytics Insight

Why Modern Web Technologies are Closing the Gap with Native Apps

Do you recall the days when downloading an application was the only option for getting the best out of the digital realm?

Asentum's Euler Upgrade Goes Live, Clearing the Path for Its Next Phase of Growth

With its most significant consensus upgrade now live, the Operator app open to the public, and the framework for its Incentivized Testnet revealed, Asentum positions itself for a new wave of ...