Cybernews

Next.js turf war heating up: Cloudflare’s vibe-coded gambit humbled by critical security bugs

Cloudflare’s experimental AI-built Next.js alternative, vinext, has been released with critical security flaws, escalating a feud with Next.js maintainer, Vercel.
OfficeChai

After Cloudflare Created Vercel’s Next.js In A Week Using AI, Vercel Discloses 7 Bugs In The New Framework

The ink was barely dry on Cloudflare’s announcement that it had rebuilt the most popular web framework in existence using AI — ...
InfoQ

Vercel Releases React Best Practices Skill with 40+ Performance Rules for AI Agents

Vercel has launched "react-best-practices," an open-source repository featuring 40+ performance optimization rules for React and Next.js apps. Tailored for AI coding agents yet valuable for developers ...
The Hacker News

Microsoft Warns Developers of Fake Next.js Job Repos Delivering In-Memory Malware

While the Windows maker did not attribute the activity to a specific threat actor, the use of VS Code tasks and Vercel ...
OfficeChai

Cloudflare Says It Used AI To Rebuild Next.js In 1 Week For $1,100

AI isn’t just helping out with coding — it’s helping complete entire projects at a pace and price-point that would’ve been unthinkable ...

Cloudflare experiment ports most of Next.js API 'in one week' with AI

Uses Vite and Claude to sidestep Vercel lock-in A Cloudflare engineer says he has implemented 94 percent of the Next.js API by directing Anthropic's Claude, spending about $1,100 on tokens.… The ...
Techzine Europe

Cloudflare builds AI-driven alternative to Next.js

Cloudflare has quickly developed an experimental alternative to Next.js, largely powered by generative AI. The project, ...
Dark Reading

Malicious Next.js Repos Target Developers Via Fake Job Interviews

Linked to North Korean fake job-recruitment campaigns, the poisoned repositories are aimed at establishing persistent C2 ...

Fake Next.js job interview tests backdoor developer's devices

The Microsoft Defender team has discovered a coordinated campaign targeting software developers through malicious repositories posing as legitimate Next.js projects and technical assessment materials, ...