InfoQ

Vercel Releases React Best Practices Skill with 40+ Performance Rules for AI Agents

Vercel has launched "react-best-practices," an open-source repository featuring 40+ performance optimization rules for React and Next.js apps. Tailored for AI coding agents yet valuable for developers ...
Control Global

New virtualization tools keep sprouting

Just like algae blooms in the ocean and pollen in the spring, there’s been an explosion in the past year or two of new software, related tools and lingo from the IT and mainstream/consumer side. Some ...
Microsoft

Developer-targeting campaign using malicious Next.js repositories

A developer-targeting campaign leveraged malicious Next.js repositories to trigger a covert RCE-to-C2 chain through standard ...

Joost de Valk Exits Federated WordPress Repository Project

Effort to create an independent WordPress plugin and theme repository fails to gain support, prompting Joost de Valk to step ...
InfoQ

Cilium at Ten Years: Stronger Encryption, Safer Policies, and Clearer Visibility for Large Clusters

Cilium 1.19 has been released, marking ten years of development for the eBPF-based networking and security project. There isn’t a flagship feature in this release; instead, it focuses on security ...
The Hacker News

Malicious StripeApi NuGet Package Mimicked Official Library and Stole API Tokens

Malicious StripeApi.Net package on NuGet mimicked Stripe.net, logged 180,000 downloads, and stole Stripe API tokens before removal.
The Hacker News

Malicious npm Packages Harvest Crypto Keys, CI Secrets, and API Tokens

The module targets Claude Code, Claude Desktop, Cursor, Microsoft Visual Studio Code (VS Code) Continue, and Windsurf. It also harvests API keys for nine large language models (LLM) providers: ...