Google patches two actively exploited Chrome vulnerabilities that could allow attackers to crash browsers or run malicious code. Billions of users urged to update.

Researchers say they’ve discovered a supply-chain attack flooding repositories with malicious packages that contain invisible code, a technique that’s flummoxing traditional defenses designed to ...

Developers are shifting toward artificial intelligence infrastructure as blockchain ecosystems lose contributors across major networks, from Ethereum to Solana.

Quotient AI was founded in 2023 by the engineers who led quality improvement for GitHub Copilot. The company was acquired ...

UNC6426 used stolen GitHub tokens from the 2025 nx npm breach to gain AWS admin access in under 72 hours, enabling data theft and cloud destruction.

An initiative within the JavaScript community is attempting to offer an alternative to the way developers view npm packages via the web. The project is ...

GitHub data suggests AI coding assistants are starting to influence which programming languages developers choose.

Project initiated by Nuxt lead Daniel Roe attracts wide support thanks to multiple issues with the official interface ...

The open-source project npmx is used for fast searching of npm packages. It focuses on UX, displays vulnerability warnings, and offers a dark mode.

In 2025, something unexpected happened. The programming language most notorious for its difficulty became the go-to choice ...

Chainguard, the trusted source for open source, today announced it has expanded Chainguard Libraries coverage across Python, Java, and JavaScript, with customers seeing 94% coverage across the Python ...

GitHub games are open-source projects for testing gameplay ideas, sharing code, and collaborating publicly outside traditional game releases.