Package lurking in npm for six years waits to destroy your work

Socket’s threat researchers have uncovered a package lurking in npm for six years that awaits a remote command to wipe projects. The culprit? A package called xlsx-to-json-lh, which mimics the legitimate xlsx-to-json-lc package. Notice the difference? Just one letter separates them, an ‘h’ instead of a ‘c’ – an easy mistake for even careful developers…

Factory ‘Droids’ AI agents tackle entire development lifecycle

Factory’s new ‘Droids’ aren’t typical AI coding assistants; they’re billed as full-blown software development agents. Instead of just focusing on code completion or simple generation tasks, Factory claims to have built AI agents that can handle the often messy reality of the entire development lifecycle. Maybe Factory’s AI agents are the droids you’re looking for…

60 malicious npm packages caught mapping developer networks

The npm registry is once again in the spotlight, this time battling a malware campaign using malicious packages to map developer networks. Expert threat intelligence analysts over at Socket have flagged a coordinated attack involving at least three publisher accounts. These aren’t your run-of-the-mill malicious efforts; these actors have managed to distribute 60 different packages,…

Java at 30: Still brewing success or evaporating?

Java, which first blinked into existence in 1995, is 30 years old this week and continues to be a stalwart in modern programming. Brian Fox, Co-founder and CTO of Sonatype, puts it perfectly. Java, he says, kicked off with a “bold promise of portability and simplicity.” That legendary “write once, run anywhere” wasn’t just a…

JetBrains reveals Kotlin 2.2, Amper, AI tools at KotlinConf 2025

At KotlinConf 2025, JetBrains showcased Kotlin advancements including language enhancements, the maturation of the K2 compiler, tooling like Amper, strides in KMP, and a push into AI. Eyes are on Kotlin 2.2, which is set to bring some rather useful features to the table. Developers can start getting ready for guard conditions in when-with-subject, multi-dollar…

I/O 2025: Google arms developers with fresh AI models and tools

Google unveiled a flood of AI announcements during I/O 2025 designed to arm developers with next-generation models and tools. Mat Velloso, VP of Product for the AI Developer Platform at Google DeepMind, said: “We believe developers are the architects of the future. That’s why Google I/O is our most anticipated event of the year, and…

GitHub Copilot automates DevOps loops with agent capabilities

During the Microsoft Build conference, GitHub announced they’re giving Copilot agent capabilities to automate DevOps loops. When needed, Copilot will be able to essentially take the wheel – that’s the gist of their new asynchronous coding agent, now embedded directly within GitHub and chattable from VS Code. It’s all about creating what they’re calling a…