The Shai-Hulud supply-chain malware campaign is exploiting the automated systems developers trust to publish software safely.

Xbox has announced it is rolling out a new Game Package Manager for all Xbox developers currently configuring or adding new products to publish to Xbox. This replaces the current Microsoft Partner ...

An attacker pushed a malicious version of the popular elementary-data package Python Package Index (PyPI) to steal sensitive developer data and cryptocurrency wallets. The dangerous release is 0.23.3, ...

Attackers published a malicious command-line version of the popular open-source password manager to the npm registry and may be behind a spate of recent supply chain attacks. Researchers warn of a new ...

James has been writing about technology for years but has loved it since the early 90s. While his main areas of expertise are maker tools -- 3D printers, vinyl cutters, paper printers, and laser ...

A monthly overview of things you need to know as an architect or aspiring architect. Unlock the full InfoQ experience by logging in! Stay updated with your favorite authors and topics, engage with ...

Linux has numerous package managers. There are command-line and GUI tools for the task. Not all package managers are created equal. When I first started using Linux, the package manager was called ...

Snap and Flatpak are Linux universal package managers. Both have their pros and cons. Each gives Linux far more apps to choose from. Flatpak and Snap are universal package managers. Both are simple to ...

An attack targeting the Node.js ecosystem was just identified — but not before it compromised 18 npm packages that account for billions of weekly downloads. In a massive attack on the JavaScript ...