Developer Tech

Socket security analysis on npm: A shield for supply chains

The npm registry now includes Socket security analysis links directly on package pages to help developers assess supply chain risks.
InfoQ

How WebAssembly Components Enable Safe and Portable Software Extensions

ABI and scripting to the Wasm Component Model (WASI Preview 2). He shares how to build secure plugin systems that run at near ...
InfoWorld

Flaws in four popular VS Code extensions left 128 million installs open to attack

Three of the four vulnerabilities remained unpatched months after OX Security reported them to the maintainers.
InfoWorld

GlassFish 8 Java server boosts data access, concurrency

Update implements Jakarta EE 11 platform and brings support for Jakarta Data repositories and virtual threads.