JavaScript runtime developed with AI: Edge.js for secure Node.js applications

Securely execute Node.js workloads in WebAssembly sandboxes – that is the goal of the new JavaScript runtime Edge.js.
Security Boulevard

Fuzzing to Zero-Day: Pwning V8CTF With TurboFan Type Confusion, CVE-2025-2135

The bug was assigned CVE-2025-2135, and we successfully used it to pwn Google’s V8CTF as a zero-day. The root cause lies in TurboFan’s InferMapsUnsafe() function, which fails to handle aliasing when ...

Node.js updates made easy: OpenJS offers support for companies

The OpenJS Foundation has launched a new program to support companies in switching to current Node.js versions.

GlassWorm malware hits 400+ code repos on GitHub, npm, VSCode, OpenVSX

The GlassWorm supply-chain campaign has returned with a new, coordinated attack that targeted hundreds of packages, ...
The Hacker News

GlassWorm Attack Uses Stolen GitHub Tokens to Force-Push Malware Into Python Repos

GlassWorm campaign injects malware into GitHub Python repos using stolen tokens since March 8, 2026, exposing developers to ...

Oracle unveils Project Detroit for faster Java interop with JavaScript and Python

JavaOne Oracle has shipped Java 26, a short-term release, and introduced Project Detroit, which promises faster interop ...
Developer Tech

Isolating dynamic AI agent code execution with Cloudflare’s API

Securing dynamic AI agent code execution requires true workload isolation—a challenge Cloudflare’s new API was built to solve ...
XDA Developers on MSN

I self-hosted my own Cloudflare Workers replacement, and it's incredibly simple

And more useful than I thought.
How-To Geek on MSN

The Google Maps navigation upgrade, Prime Video's price hike, the new terminal app, and more: News roundup

Everything you may have missed from the past week.
InfoWorld

9 reasons Java is still great

Java has endured radical transformations in the technology landscape and many threats to its prominence. What makes this ...