Recent news and analysis on Developer Tools & Open Source

Developer tools and open source news covering programming languages, package ecosystems, licenses, foundations, and dev platform shifts.

• Red Hat hit by npm supply-chain attack with credential-stealing worm

  Red Hat suffered an npm supply-chain attack where 96 versions across 32 packages in the @redhat-cloud-services namespace were backdoored with Miasma, a self-spreading worm that steals credentials from npm, GitHub, AWS, and SSH environments. The attack used a compromised GitHub account and OIDC tokens.

• "Using Rhino Linux's new Lomiri snapshot took me back to the glory days of Unity"

  This commentary argues that Rhino Linux's new Lomiri desktop, inspired by Canonical's Unity, revives the concept of convergence between desktop and mobile. The author contends that while Canonical's earlier attempt failed due to poor hardware, Rhino Linux's modern take shows promise, though the snapshot is not yet ready for everyday use.

• "Meet Wander, a StumbleUpon-inspired tool for discovering the 'small web'"

  This article describes Wander Console, an open-source tool for discovering indie websites, inspired by StumbleUpon and webrings. It argues that such tools help revive the 'small web' and make online exploration more human and serendipitous, countering the dominance of AI summaries and commercial content.