Developer tidbits for the weekend – smaller news of the week

Small but interesting news tidbits from the news buffet about React Native, Perl, JavaScript, ASP .NET Core, State of Web Dev ...
InfoQ

Safari Adds scrollend Event Support, Completing Baseline Browser Coverage

Safari's release of version 26.2 in December introduced support for the scrollend event, completing its alignment with major browsers. This event signals when scrolling has definitively ended, ...
CSO Online

Hackers have been exploiting an unpatched Adobe Reader vulnerability for months

Now a security researcher says a Reader hole has been quietly exploited by malware for as long as four months, fingerprinting ...
SecurityWeek

Google API Keys in Android Apps Expose Gemini Endpoints to Unauthorized Access

The Google API keys, all using the ‘AIza…’ format, can be abused for retroactive privilege escalation: a key that a developer ...

Apple Releases Safari Technology Preview 241 With Bug Fixes and Performance Improvements

Apple today released a new update for Safari Technology Preview, the experimental browser that was first introduced in March ...
Meta - About Facebook

Introducing Muse Spark: MSL’s First Model, Purpose-Built to Prioritize People

Muse Spark powers a smarter and faster Meta AI assistant, and will be rolling out to WhatsApp, Instagram, Facebook, Messenger ...
GitHub

The highest-scoring AI memory system ever benchmarked. And it's free.

Every conversation you have with an AI — every decision, every debugging session, every architecture debate — disappears when ...
Windows Report

Hackers Breached Axios npm by Impersonating Companies and Hijacking Maintainer Access

Hackers infiltrated Axios maintainers using fake Slack channels and Teams calls, then published infected packages.

Techie Tonic: Two CISOs warn Axios breach changes supply chain trust model

Two CISOs dissect the Axios npm attack, revealing a self-erasing RAT, CI/CD compromise risks and why open-source software ...

Hackers exploit React2Shell in automated credential theft campaign

Hackers are running a large-scale campaign to steal credentials in an automated way after exploiting React2Shell ...
GitHub

GitHub MCP Server

The GitHub MCP Server connects AI tools directly to GitHub's platform. This gives AI agents, assistants, and chatbots the ability to read repositories and code files, manage issues and PRs, analyze ...

Claude Code leak used to push infostealer malware on GitHub

Threat actors are exploiting the recent Claude Code source code leak by using fake GitHub repositories to deliver Vidar ...