Bun just merged a massive PR rewriting its core from Zig to Rust — over a million lines changed in roughly a week. Here’s what happened, why it matters, and what the community thinks about an AI-assisted rewrite of an entire JavaScript runtime.
A massive npm supply chain attack compromised TanStack, Mistral AI’s client library, and over 170 packages. Here’s what happened, how the attack worked, and the practical steps you should take today to protect your projects.
Anthropic just bought all 300+ MW of SpaceX’s Colossus 1 data centre. Stacked next to its multi-gigawatt deals with AWS, Google, Azure and Fluidstack, the frontier-model race has quietly become a power-and-real-estate race — and that changes what developers can expect from these APIs.
A Dune-themed malware campaign targeting the PyTorch Lightning library highlights how AI/ML supply chains are becoming prime targets for sophisticated attacks.
AWS and Azure are aggressively expanding their edge computing offerings for industrial IoT, bringing cloud-native tooling to factory floors and field operations.
Deno 2.3 brings workspace support and improved Node compatibility. With Bun maturing and Node.js evolving, the JavaScript runtime landscape is reaching an interesting equilibrium.
Google Cloud Next 2026 put platform engineering front and center, with new tools for developer experience, Gemini-powered operations, and a maturing GKE ecosystem.
GitHub Copilot’s agent mode is now generally available, promising autonomous multi-step coding. Here’s what works, what doesn’t, and what it means for how we build software.
Python 3.14’s development is pushing free-threading forward. Here’s what the removal of the GIL means practically, and why it matters more than you might think.
Supply chain security frameworks like SLSA and SBOM requirements are moving from recommendations to mandates. Here’s what developers need to know about the shifting landscape.
