Eight innovative tools that are reimagining web applications and how we build them. Welcome to the Great Unbloating.

VS Code agents are now in Stable preview, and the 1.122 update removed the GitHub OAuth requirement from BYOK, letting defense, healthcare, and finance developers run fully air-gapped AI-assisted ...

CVE Lite CLI helps developers quickly identify and fix vulnerable npm dependencies during development, reducing delays and ...

A github.dev flaw could let attackers steal GitHub OAuth tokens through a one-click attack, exposing private repositories and ...

Microsoft has released VS Code 1.123 with a new Research Agent, AI session syncing, Chronicle search, browser upgrades, and ...

Microsoft has released VS Code 1.122 with BYOK support without sign-in, mobile device emulation, and a new issue reporting ...

CrowdStrike, Google and the Shadowserver Foundation worked together to take down a botnet that poisoned over 300 GitHub ...

GlassWorm poisoned 300 GitHub repositories since 2025, enabling supply chain attacks against developers and organizations.

Supply chain chaos, old bugs, smarter phishing, and botnets everywhere — here’s what broke the internet this week.

On May 19 GitHub confirmed the security breach across its social media channels, verifying that there was unauthorized access to internal repositories and stating that it was monitoring the situation ...

The GitHub data breach comes at a time when hackers are increasingly targeting popular open source projects, including coding ...

An unauthorised group calling itself TeamPCP accessed GitHub's internal repositories, targeting VSCode extensions used by millions of developers daily. The incident is the latest in a pattern of ...