New PhantomRaven NPM attack wave steals dev data via 88 packages

New attack waves from the 'PhantomRaven' supply-chain campaign are hitting the npm registry, with dozens of malicious packages that exfiltrate sensitive data from JavaScript developers.
InfoWorld

First look: Electrobun for TypeScript-powered desktop apps

Powered by the TypesScript-native runtime Bun, Electrobun improves Electron with a smaller application footprint and built-in update mechanisms.

Apple issues fix for security bug exploiting older iPhone, iPad, and iPod

Updates for devices as far back as iPhone 6s and iPod Touch 7th generation fix vulnerabilities associated with the Coruna ...

Shelved border-security bill to be reintroduced with changes after concerns over police powers

Original version of Bill C-2 would have granted the police and spy agency powers to demand information about services Canadians have used ...

Bob Rennie and family donate two dozen contemporary artworks to National Gallery of Canada

Vancouver art collector Bob Rennie and his family are donating two dozen works of contemporary art to Ottawa’s National Gallery of Canada, bringing their total number of gifts to the institution to ...
InfoQ

Webpack Publishes 2026 Roadmap with Native CSS Support, Universal Target, and Path to Version 6

Webpack's 2026 roadmap, led by Even Stensberg, unveils substantial enhancements aimed at modernizing the bundler. Key features include native CSS module support, universal compilation for various ...