Microsoft

Developer-targeting campaign using malicious Next.js repositories

A developer-targeting campaign leveraged malicious Next.js repositories to trigger a covert RCE-to-C2 chain through standard ...

Fake Next.js job interview tests backdoor developer's devices

The Microsoft Defender team has discovered a coordinated campaign targeting software developers through malicious repositories posing as legitimate Next.js projects and technical assessment materials, ...
heise online

ESLint 10.0: New features for JavaScript code analysis in major release

The open-source tool ESLint for static code analysis has been released in version 10.0, with numerous new features and breaking changes. As this is a major version, developers may not receive the ...
heise online

TypeScript 6.0 is on the horizon: The last JavaScript-based version

Microsoft has released the beta version for TypeScript 6.0, the last release with the current JavaScript codebase. From version 7.0 onwards, the compiler and the language service will be written in Go ...
InfoQ

Vercel Releases React Best Practices Skill with 40+ Performance Rules for AI Agents

Vercel has launched "react-best-practices," an open-source repository featuring 40+ performance optimization rules for React and Next.js apps. Tailored for AI coding agents yet valuable for developers ...
GitHub

The Official IDL Extension for Visual Studio Code

New native integration with IDL 9.2+ powered by the IDL Machine for a faster, more responsive experience in VSCode Initial GitHub Copilot integration to let AI start IDL, run code, and automate common ...