New PhantomRaven NPM attack wave steals dev data via 88 packages

New attack waves from the 'PhantomRaven' supply-chain campaign are hitting the npm registry, with dozens of malicious packages that exfiltrate sensitive data from JavaScript developers.
InfoQ

Cloudflare Releases Experimental Next.js Alternative Built With AI Assistance

Cloudflare released vinext, an experimental Next.js reimplementation built on Vite by one engineer, with AI guidance over one ...
TechCrunch

Spotify says its best developers haven’t written a line of code since December, thanks to AI

Has AI coding reached a tipping point? That seems to be the case for Spotify at least, which shared this week during its fourth-quarter earnings call that the best developers at the company “have not ...