Eight innovative tools that are reimagining web applications and how we build them. Welcome to the Great Unbloating.

The codexui-android npm package silently exfiltrated OpenAI Codex auth tokens to an attacker server for a month, affecting 29,000 weekly downloads.

Abstract: Edge caching is a promising solution for next-generation networks by empowering caching units in small-cell base stations (SBSs), which allows user equipments (UEs) to fetch users’ requested ...

A dependency confusion campaign leveraged 33 malicious npm packages to collect reconnaissance data from developer and build environments. This report details the attack chain, observed tradecraft, and ...

FROST exploits the Origin Private File System (OPFS), a browser API that lets websites create and store files on a user's local disk.

Abstract: Edge caching has been widely implemented to efficiently serve data requests from end users. Numerous edge caching policies have been proposed to adaptively update the cache contents based on ...

Reasonix launches as a DeepSeek-native terminal coding agent with MCP support, plan mode, and a cache-first design aimed at lowering long-session API costs.

This repository provides a lightweight, modern, and feature-rich PHP SDK for the Amazon Product Advertising API 5.0 (PAAPI5). It is designed to simplify the ...

A FastMCP server for accessing United States Patent and Trademark Office (USPTO) patent and trademark data through multiple APIs including the Patent Public Search API, the Open Data Portal (ODP) API, ...

TanStack had 2FA, OIDC publishing, and Sigstore provenance on every release. The Mini Shai-Hulud worm published 84 malicious versions anyway. The CI/CD Trust-Chain Audit Grid maps the six gaps it ...