InfoWorld

JDK 25: The new features in Java 25

Long-Term Support release, with features ranging from structured concurrency and compact object headers to ahead-of-time method profiling and JFR CPU-time profiling on Linux, is now generally ...
InfoWorld

The best new features in Java 25

JDK 25 brings powerful new features to Java and JVM developers. Here are seven new or updated features that could convince you to switch. Java continues its fast and feature-packed release schedule, ...

Java developers want container security, just not the job that comes with it

BellSoft survey finds 48% prefer pre‑hardened images over managing vulnerabilities themselves Java developers still struggle ...
Dark Reading

150,000 Packages Flood NPM Registry in Token Farming Campaign

Amazon researchers discovered more than 150,000 malicious packages in the NPM registry, in what they called "a defining moment in supply chain security." The packages were part of a token farming ...
Ars Technica

Software packages with more than 2 billion weekly downloads hit in supply-chain attack

Hackers planted malicious code in open source software packages with more than 2 billion weekly updates in what is likely to be the world’s biggest supply-chain attack ever. “Sorry everyone, I should ...
Dark Reading

Malicious NPM Packages Disguised With 'Invisible' Dependencies

As poisoned software continues to pop up across the industry, some threat actors have found a way to hide malicious code in npm packages and avoid detection from most security tools. In an blog post ...
CSOonline

Malicious npm packages target the n8n automation platform in a supply chain attack

Threat actors were spotted weaponizing the n8n automation ecosystem this week, slipping malicious npm packages into its marketplace of community-maintained nodes. The deceptive packages, disguised as ...