InfoWorld

Javascript developers should consider moving away from the npm and yarn platforms for distributing their work because newly-found holes allow threat actors to run malicious worm attacks like Shai-Hulud, says an Israeli researcher. The warning comes from Oren Yomtov of Koi Security, who blogged Monday of discovering six zero day vulnerabilities in several package managers that could allow hackers …

Descope has announced Agentic Identity Hub 2.0, an update to its no-code identity platform for AI agents and Model Context Protocol (MCP) servers. The new release gives developers and security teams a dedicated UI and control plane to manage authorization, access control, credentials, and policies for AI agents and MCP servers, Descope said. Unveiled January 26, Agentic Identity Hub 2.0 lets MCP …

JetBrains has released Ktor 3.4, an update to its Kotlin -based framework for asynchronous server-side and client-side application development. The release brings duplex streaming to the OkHttp client engine and introduces a new HttpRequestLifecycle plugin that enables the cancellation of in-flight HTTP requests when the client disconnects. Ktor 3.4 was announced January 23 . Instructions for get…

Organizations need to be less trustful of data given how much of it is AI-generated, according to new research from Gartner. As more enterprises jump on board the generative AI train — a recent Gartner survey found 84% expect to spend more on it this year — the risk grows that future large language models (LLMs) will be trained on outputs from previous models, increasing the danger of so-called m…

Most engineers have heard the phrase “ 10x engineer ” or “ force multiplier “. In practice, the highest leverage is not solo heroics but whether your presence makes everyone around you faster, safer and more effective. That is force multiplication. Early in my time as a Senior Software Engineer, I didn’t have a clear framework for how to excel as a senior IC and multiply my team’s impact. I spoke…

When one compromised agent brought down our entire 50-agent ML system in minutes, I realized we had a fundamental problem. We were building autonomous AI agents without the basic trust infrastructure that the internet established 40 years ago with DNS. As a PhD researcher and IEEE Senior Member, and I’ve spent the past year building what I call “DNS for AI agents” — a trust layer that finally giv…

For several decades now, the most innovative software has always emerged from the world of open source software. It’s no different with machine learning and large language models . If anything, the open source ecosystem has grown richer and more complex, because now there are open source models to complement the open source code. For article, we’ve pulled together some of the most intriguing and …

Developers have spent the past decade trying to forget databases exist. Not literally, of course. We still store petabytes. But for the average developer, the database became an implementation detail; an essential but staid utility layer we worked hard not to think about. We abstracted it behind object-relational mappers (ORM). We wrapped it in APIs . We stuffed semi-structured objects into colum…

Most Go language developers are using AI-powered software development tools, but their satisfaction with these tools is middling, according to the 2025 Go Developer Survey. The survey also found that the vast majority of Go developers—91%—were satisfied with using the language. Results of the survey, which featured responses from 5,739 Go developers in September 2025, were published January 21 in…

GitHub has launched a technical preview of the GitHub Copilot SDK, a tool kit for embedding the “agentic core” of the GitHub Copilot CLI into applications. Available on GitHub , the SDK was unveiled on January 22 . Initially available for Node.js / TypeScript , Python , Go , and .NET , the GitHub Copilot SDK exposes the same engine behind the GitHub Copilot CLI, a production-tested agent runtime …

Faster Python is now within reach, thanks to its shiny new JIT. But we also have fast dataframes thanks to Pandas, and three slick new GUI interfaces for SQLite. And then there’s Zed, the new Rust-powered contender to VS Code’s throne. It’s a busy time in the world of Python, and we’ve got all the scoops. Top picks for Python readers on InfoWorld How to use Pandas for data analysis in Python For …

We’ve spent the last decade telling ourselves that cloud computing is mostly a tool problem. Pick a provider, standardize a landing zone, automate deployments, and you’re “modern.” Agentic AI makes that comforting narrative fall apart because it behaves less like a traditional application and more like a continuously operating software workforce that can plan, decide, act, and iterate. Agentic AI…

OpenAI has made its Codex AI coding agent available directly inside JetBrains IDEs, enabling developers to plan, write, test, review and deploy code without leaving their editor. OpenAI and JetBrains announced this move on January 22 . With Codex now natively integrated into JetBrains AI chat, developers now can collaborate with Codex directly within a JetBrains IDE, starting with version 2025.3.…

The Rust team has unveiled Rust 1.93, the latest version of the programming language designed to create fast and safe system-level software. This release improves operations involving the DNS resolver for the musl implementation of the C standard library. Linux binaries are expected to be more reliable for networking as a result. Rust 1.93 was introduced January 22 . Developers with previous vers…

Salesforce-owned integration platform provider MuleSoft has added a new feature called Agent Scanners to Agent Fabric — a suite of capabilities and tools that the company launched last year to rein in the growing challenge of agent sprawl across enterprises. Agent sprawl , often a result of enterprises and their technology teams adopting multiple agentic products, can lead to the fragmentation of…