A new variation of the fake recruiter campaign from North Korean threat actors is targeting JavaScript and Python developers with cryptocurrency-related tasks.

The Conductor extension now can generate post-implementation code quality and compliance reports based on developer specifications.

North Korea-linked Lazarus campaign spreads malicious npm and PyPI packages via fake crypto job offers, deploying RATs and ...

Imagine starting your day with a quick, digestible summary of the most important tech conversations happening on Hacker News.

A production-ready Python development environment template using modern tools: uv for blazing-fast package management, Ruff for lightning-fast linting and formatting, ty for fast and reliable type ...

dYdX has been targeted by bad actors using malicious packages to empty its user wallets.

Compromised dYdX npm and PyPI packages delivered wallet-stealing malware and a RAT via poisoned updates in a software supply chain attack.

Deno Sandbox works in tandem with Deno Deploy—now in GA—to secure workloads where code must be generated, evaluated, or ...

The improved AI agent access in Xcode has made vibe coding astoundingly simple for beginners, to a level where some apps can ...

JFrog security researchers have exposed two critical vulnerabilities (CVE-2026-1470, rated 9.9; and CVE-2026-0863, rated 8.5) in the n8n workflow automation platform.

OpenAI has taken a major step forward in AI-powered software development with the launch of the Codex App for macOS. Designed ...