New PhantomRaven NPM attack wave steals dev data via 88 packages

New attack waves from the 'PhantomRaven' supply-chain campaign are hitting the npm registry, with dozens of malicious packages that exfiltrate sensitive data from JavaScript developers.
InfoWorld

Why local-first matters for JavaScript

Every developer should be paying attention to the local-first architecture movement and what it means for JavaScript. Here’s ...
The Hacker News

Malicious npm Packages Harvest Crypto Keys, CI Secrets, and API Tokens

The module targets Claude Code, Claude Desktop, Cursor, Microsoft Visual Studio Code (VS Code) Continue, and Windsurf. It also harvests API keys for nine large language models (LLM) providers: ...
Microsoft

Contagious Interview: Malware delivered through fake developer job interviews

The Contagious Interview campaign weaponizes job recruitment to target developers. Threat actors pose as recruiters from crypto and AI companies and deliver backdoors such as OtterCookie and ...
Cineuropa

Netflix ed EKKOMED lanciano un'iniziativa per formare i creatori audiovisivi greci

26/02/2026 - La nuova partnership metterà a disposizione di sceneggiatori e registi greci l'accesso alla piattaforma di formazione digitale di Netflix che, tra le altre cose, comprende formazione ...
Cineuropa

Netflix et EKKOMED lancent une initiative pour former les créateurs audiovisuels grecs

26/02/2026 - Le nouveau partenariat offrira aux scénaristes et réalisateurs grecs un accès à la plateforme Digital Training de Netflix, qui propose notamment des formations et masterclasses ...