The OWASP-backed tool scans JavaScript and TypeScript lockfiles locally, aiming to help developers catch and remediate dependency risks before CI failures.

Overview:  AI coding tools help developers write code faster, fix bugs more easily, and spend less time on repetitive work. Many tools also help with testi ...

MESCIUS USA, Inc., a global provider of award-winning enterprise software development tools, is pleased to announce a new product for the Document Solutions product line: Document Solutions PDF JS.

Anthropic acquired SDK startup Stainless, signaling a deeper push into developer tooling as AI labs compete beyond model ...

Developer platform Socket says a malware called TrapDoor is targeting crypto and AI developers across npm, PyPI and Crates, aiming to steal crypto wallet info and browser data.

Kiro, Spec Kit, Tessl, and Zenflow offer a more systematic and structured approach to developing with AI agents than vibe ...

Anthropic has completed the acquisition of the developer tools startup Stainless, bringing a widely used software platform in ...

GlassWorm poisoned 300 GitHub repositories since 2025, enabling supply chain attacks against developers and organizations.

The malware employs ecosystem-specific techniques for execution. On npm, many packages use post-install hooks to deploy a comprehensive JavaScript payload ...

Digital Brands Group, Inc. (“DBG” or the “Company”) (NASDAQ: DBGI), a publicly traded company specializing in apparel and e-commerce, today announced a strategic partnership with Renov AI, an applied ...

Bumblebee from Perplexity scans developer machines for compromised packages and AI tool configs, without triggering malware.

OpenAI has introduced a major update to its Codex platform, adding new features aimed at helping developers work faster and more smoothly.