Perplexity launches Bumblebee: How its new read-only dev scanner differs from Chainguard

The AI company's Bumblebee tool tackles your most urgent question after any supply‑chain advisory: Do your programmers have ...
The Hacker News

Packagist Supply Chain Attack Infects 8 Packages Using GitHub-Hosted Linux Malware

Packagist packages hid malicious package.json scripts, enabling Linux binary execution during installs and workflows.
Microsoft

Malicious npm packages abuse dependency confusion to profile developer environments

Microsoft Threat Intelligence has uncovered an active supply chain attack involving malicious npm packages registered under organizational scopes that mirror real internal corporate namespaces, ...

「Prompt API」が安定版に、超効率モデル「Gemma 197M」も ~「Google Chrome ...

先日開催された「Google I/O 2026」では多くの製品でAIを活用した新機能や改善がアナウンスされたが、「Google Chrome」もその例外ではない。とくに注目したいのが、Webブラウザー組み込みのAI(Built-in ...
GitHub

modaic-ai/gepa-viz

Live visualization for GEPA prompt-optimization runs. Renders the candidate tree as a force-directed graph so you can watch prompts evolve over a pareto frontier in real time. Big nodes are candidates ...

JavaScript不要、「PWA」をインストールする新しいHTML要素が「Chrome ...

「Google Chrome」と「Microsoft Edge」で、Webアプリ(PWA)を簡単にインストールできるようにする新しいHTML要素がテストされているとのこと。米Googleの開発者向けブログ「Chrome for ...

All You Need To Know About Cloudflare’s Agent Readiness Score

The Cloudflare Agent Readiness Score is a real shift. The composite number is also the wrong thing to optimize for. Here's ...
Tech Times

npm Supply Chain Attacks Hit GitHub: 2FA Approval Gate Now Blocks Stolen CI Tokens

GitHub’s internal repositories — now staged publishing in npm 11.15.0 requires a human 2FA approval before any package goes ...