Googleが2026年7月9日、ウェブブラウザ内でAIモデルを高速に実行するためのJavaScript向けランタイム「LiteRT.js」を発表しました。
Experimental ‘deno desktop’ feature in Deno 2.9 produces a native desktop application that compiles into a single ...
A SimpleHelp authentication flaw is being exploited to deploy Djinn Stealer, a cross-platform malware targeting cloud, ...
Separate but similar campaigns described by Microsoft and Trend Micro use malicious zip files to spread malware via social ...
Microsoft says latest attack targets Leo Platform and RStreams packages, harvesting creds and going after more maintainers ...
The gains in coding productivity using cutting-edge AI tools continue to generate some incredible results. Jarred Sumner, the creator of the JavaScript runtime Bun, has published a detailed account of ...
JavaScriptのパッケージマネージャー「npm」の16年の歴史において、最も重要なセキュリティ刷新となる「npm ...
Microsoft Threat Intelligenceは2026年6月25日、このキャンペーンを公表し、その配信手法を「認証ロンダリング(authentication laundering)」と正式に命名した。同社は、これがホテル業界にとどまらない、新たな回避手法のクラスであると警告している。
North Korean threat actors are escalating the PolinRider supply chain attack across Go, Packagist, and npm package ...
Security tooling is not written in a single language. Python powers most automation. C sits at the exploit layer. PowerShell ...
JFrog says six malicious npm packages used hidden install-time execution, JSONKeeper fetches, and sandbox checks to enable remote access.
Lazarus Group concealed a four-module remote access toolkit inside six fake npm Rollup polyfill packages that fired at import ...