Eight innovative tools that are reimagining web applications and how we build them. Welcome to the Great Unbloating.

The round comes just eight months after Supabase closed on its Series E and means it has now raised over $1 billion in total ...

The Miasma supply chain campaign has sparked a fresh attack wave called Hades, this time involving 37 malicious wheel ...

With over 2.2 billion installs, the flawed Python package offers attackers a huge blast radius, including silent access to ...

GitHub confirmed attackers stole 3,800 internal repositories via a poisoned VS Code extension. The same threat group, TeamPCP, simultaneously compromised Microsoft's durabletask Python ...

A developer went viral for reconfiguring Chipotle’s customer support bot into a coding assistant, and providing the playbook ...

As Nigeria’s digital economy accelerates, local tech startups and enterprise firms alike face a quiet, internal crisis: the ...

As if the Miasma situation weren't bad enough, now this weapon is spreading like wildfire. Someone open sourced the entire ...

MotherDuck Corp., the maker of a cloud-native data warehouse based on the open-source DuckDB analytical engine, is betting ...

TrapDoor spread 34 malicious packages across npm, PyPI, and Crates.io, stealing developer credentials and enabling persistence.

GitHub is just the latest victim of TeamPCP, a gang that has carried out a spree of software supply chain attacks that has impacted hundreds of organizations.

Researchers who found the bug warn that its Moderate rating understates a threat reaching across LLM gateways, MCP servers and agent infrastructure.