But perhaps most important is the attention to memory issues in this release. Bun inventor Jared Sumner claims that the ...
Cheng Lou, a Midjourney engineer, recently released Pretext, a 15KB open-source TypeScript library that measures and lays out ...
Pulumi has announced that Bun is now a fully supported runtime for Pulumi, going beyond its previous role as merely a package ...
Harper 5.0 launches with an open-source core, RocksDB support, and a unified runtime for AI agents—cutting latency and ...
GlassWorm malware uses a Zig-based dropper to infect developer tools, stealing data and spreading across IDEs.
A convincing Microsoft lookalike tricks users into downloading malware that steals passwords, payments, and account access.
Fireship on MSN
The JavaScript ecosystem didn’t see this coming
Anthropic’s move into the JavaScript ecosystem surprised almost everyone. Buying a popular runtime isn’t just a tooling ...
The Javascript-Wrapper is part of the AST-CLI project that provides a shared infrastructure across the AST projects. It contains technology neutral repository interfaces as well as a metadata model ...
A supply-chain attack affecting Axios, the popular JavaScript library, traced back to DPRK threat activity. (Image: Shutterstock) A supply-chain attack that compromised versions of Axios to distribute ...
The source code of Anthropic's CLI tool Claude Code was accidentally made publicly accessible via a source map in the npm registry.
The bug was assigned CVE-2025-2135, and we successfully used it to pwn Google’s V8CTF as a zero-day. The root cause lies in TurboFan’s InferMapsUnsafe() function, which fails to handle aliasing when ...
Some results have been hidden because they may be inaccessible to you
Show inaccessible results