MIT Technology Review

The Download: a blockchain enigma, and the algorithms governing our lives

To be human is, fundamentally, to be a forecaster. Occasionally a pretty good one. Trying to see the future, whether through the lens of past experience or the logic of cause and effect, has helped us ...
CSO Online

Open source maintainers being targeted by AI agent as part of ‘reputation farming’

“Once contribution and reputation building can be automated, the attack surface moves from the code to the governance process around it. Projects that rely on informal trust and maintainer intuition ...
SecurityWeek

‘PackageGate’ Flaws Open JavaScript Ecosystem to Supply Chain Attacks

Half a dozen vulnerabilities in the JavaScript ecosystem’s leading package managers — including NPM, PNPM, VLT, and Bun — could be exploited to bypass supply chain attack protections, according to ...
The Hacker News

AWS CodeBuild Misconfiguration Exposed GitHub Repos to Potential Supply Chain Attacks

A critical misconfiguration in Amazon Web Services (AWS) CodeBuild could have allowed complete takeover of the cloud service provider's own GitHub repositories, including its AWS JavaScript SDK, ...
Bleeping Computer

Trust Wallet says 2,596 wallets drained in $7 million crypto theft attack

Trust Wallet says attackers who compromised its browser extension right before Christmas have drained approximately $7 million from nearly 3,000 cryptocurrency wallet addresses. The cryptocurrency ...
blockchain

Anthropic Acquires Bun to Boost Claude Code’s AI Capabilities for JavaScript and TypeScript Developers

According to @AnthropicAI, Anthropic has acquired @bunjavascript to accelerate the development and adoption of Claude Code, their enterprise-focused AI coding assistant. The acquisition leverages ...