InfoWorld

Document database vendor MongoDB has advised customers to update immediately following the discovery of a flaw that could allow unauthenticated users to read uninitialized heap memory. Designated CVE-2025-14847 , the bug, mismatched length fields in zlib compressed protocol headers, could allow an attacker to execute arbitrary code and potentially seize control of a device. The flaw affects the f…

Python 3.14 was the star of the show in 2025, bringing official support for free-threaded builds, a new all-in-one installation manager for Windows, and subtler perks like the new template strings feature. Other great updates this year included a growing toolkit of Rust-backed Python tools, several new options for packaging and distributing Python applications, and a sweet little trove of third-p…

Large language models (LLMs) have grabbed the world’s attention for their seemingly magical ability to instantaneously sift through endless data, generate responses, and even create visual content from simple prompts. But their “small” counterparts aren’t far behind. And as questions swirl about whether AI can actually generate meaningful returns (ROI), organizations should take notice. Because, …

A job posting by a Microsoft engineer sparked excitement about a project “to eliminate every line of C and C++ from Microsoft by 2030”, replacing it with Rust — but alas for fans of the memory-safe programming language , it turns out this is a personal goal, not a corporate one, and Rust isn’t necessarily even the final target. Microsoft Distinguished Engineer Galen Hunt posted about his ambitiou…

The command line has always been the bedrock of the developer’s world. Since time immemorial, the CLI was a static place defined by the REPL (read-evaluate-print-loop). But now modern AI tools are changing that. The CLI tells you in spartan terms what is happening with your program, and it does exactly what you tell it to. The lack of frivolity and handholding is both the command-line’s power and…

JITing, or “just-in-time” compilation, can make relatively slow interpreted languages much faster. Until recently, JITting was available for Python only in the form of specialized third-party libraries, like Numba , or alternate versions of the Python interpreter, like PyPy . A native JIT compiler has been added to Python over its last few releases. At first it didn’t provide any significant spee…

Deno 2.6, the latest version of the TypeScript , JavaScript , and WebAssembly runtime, adds a tool, called dx , to run binaries from NPM and JSR (JavaScript Registry) packages. The update to the Node.js rival was announced December 10 ; installation instructions can be found at docs.deno.com . Current users can upgrade by running the deno upgrade command in their terminal. In Deno 2.6, dx is an e…

To help the Rust language continue scaling across domains and usage levels, the Rust Vision Doc group recommends enumerating the design goals for evolving the language while also improving the crates package system. These suggestions were made in a December 19 blog post titled, “What do people love about Rust?” The group made the following specific recommendations: Enumerate and describe Rust des…

Security researchers have uncovered a malicious npm package that poses as a legitimate WhatsApp Web API library while quietly stealing messages, credentials, and contact data from developer environments. The package, identified as “lotusbail,” operates as a trojanized wrapper around a genuine WhatsApp client library and had accumulated more than 50k downloads by the time it was flagged by Koi Sec…

If you were around for the first big wave of cloud adoption, you’ll remember how quickly the term cloud was pasted on everything. Anything with an IP address and a data center suddenly became a cloud. Vendors rebranded hosted services, managed infrastructure, and even traditional outsourcing as cloud computing. Many enterprises convinced themselves they had modernized simply because the language …

As engineers and managers, we all have been interrupted by those unplanned, time-sensitive requests (or tasks) that arrive outside normal planning cadences. An “urgent” Slack, a last-minute requirement or an exec ask is enough to nuke your standard agile rituals. Apart from randomizing your sprint, it causes thrash for existing projects and leads to developer burnout. This is even more critical n…

Microsoft is providing early access to C++ code editing tools for GitHub Copilot via the Visual Studio 2026 Insiders channel. These C++ tools allow GitHub Copilot to go beyond file searches and unlock greater context-aware refactoring that enables changes across multiple files and sections, according to Microsoft. Public availability was announced December 16 , with the blog also offering instruc…

Anysphere, the developer of AI coding assistant Cursor, is adding some code review and debugging skills to its portfolio with the acquisition of Graphite, TechCrunch reported Friday . The output of AI coding tools often requires extensive debugging, something the company sought to address with new code review capabilities in Cursor 2.0 . Through the acquisition, Anysphere will be able to add new …

The computer revolution has always been driven by the new and the next. The hype-mongers have trained us to assume that the latest iteration of ideas will be the next great leap forward. Some, though, are quietly stepping off the hype train. Whereas the steady stream of new programming languages once attracted all the attention, lately it’s more common to find older languages like Ada and C recla…

The most significant advances in artificial intelligence next year won’t come from building larger models but from making AI systems smarter, more collaborative, and more reliable. Breakthroughs in agent interoperability, self-verification, and memory will transform AI from isolated tools into integrated systems that can handle complex, multi-step workflows. Meanwhile, open-source foundation mode…