New PhantomRaven NPM attack wave steals dev data via 88 packages

New attack waves from the 'PhantomRaven' supply-chain campaign are hitting the npm registry, with dozens of malicious packages that exfiltrate sensitive data from JavaScript developers.
InfoQ

Cloudflare Releases Experimental Next.js Alternative Built with AI Assistance

Cloudflare released vinext, an experimental Next.js reimplementation built on Vite by one engineer, with AI guidance over one ...

How to make your e-commerce product visible to AI agents? Use this new system trusted by L’Oréal, Unilever, Mars & Beiersdorf

This new framework is designed to provide brands with a 'brand-friendly' anchor in an ecosystem increasingly dominated by autonomous shoppers.
GitHub

Barrel file removal tool for JavaScript & TypeScript projects (ESM-only).

Barrel files are convenient, but they often come with trade-offs including: Performance and memory: they artificially inflate the module graph and slow down startup times, HMR, and CI pipelines.

Commerce Is Broken, Stord Aims To Fix It By Helping Brands Move Faster

Stord, the $1.5 billion-dollar e-commerce enablement platform, powers nearly $10 billion in annual commerce for brands like AG1, True Classic and Native.

How To Drive E-Commerce Engagement And Conversions: Agency Insights

With rising acquisition costs and endless digital competition, traffic's not enough—and creating engagement that converts ...

USAA taps former Sam's Club, Bank of America exec as new CMO

Chris Curtin brings experience from Sam's Club and Bank of America to lead USAA's marketing strategy and brand communications. The veteran marketer joins from Sam's Club and previously led digital ...
InfoWorld

Abandoned project linking Java, JavaScript makes a comeback

Once envisioned as a bridge between Java and JavaScript, the Detroit project never got off the ground. Now, there are efforts at reviving it, adding a Python engine to the mix. Intended to enable ...