The Ruby on Rails management team has released fixes for a serious security vulnerability in several versions of its development tool that could allow an attacker to take down a Rails process.
Recent worms and viruses targeting Web apps didn’t have much impact, but may only be the tip of the iceberg. Researchers warn that the next iterations of these attacks are imminent and could have catastrophic results.
The SCO Group announced a developer program and key partnerships with Microsoft, Palm and Day-Timers for its EdgeClick mobile app platform this week. SCO is pursuing app mobilization after a slowdown in UNIX server sales and a costly, ongoing legal battle with IBM.
With Major League Baseball’s fan base more interactive than ever, following two leagues, six divisions, 30 teams and a countless combination of statistics ranging from RBIs to ERAs, MLB.com is one biz calling a new data warehouse appliance a homerun.
A glaring spotlight is now focused on vulnerabilities inherent in a key enabler of the new breed of dynamic Web pages. Demonstrations at last week's annual Black Hat cybersecurity conference employed Web-page-embedded JavaScript to attack corporate servers.
The final release of open-source AJAX4jsf framework 1.0 is now available. The project extends the benefits of Asynchronous JavaScript and XML (AJAX) functionality to component framework JavaServer Faces (JSF), which supports UI development for J2EE applications.
An open-source Java project has opened up to Excel. Now developers using the Mondrian OLAP can apply the Microsoft app and receive support options under the project’s new spreadsheet services.
The MyEclipse 5.0 open-source IDE, released Friday, is an enterprise Java, database, RAD, UML, POJO, AJAX, and rich-client development environment certified on Windows, Linux, and Mac OS X.
.NET developers just got a leg up in the content management arena with Quantum Art's QP7.4 content application server, which is designed for graphical creation of lightweight Web apps and includes a Microsoft Visual Studio ™ integration module.
CA is recommending that users of its popular eTrust Antivirus WebScan upgrade to protect against flaws that can allow a remote attacker to execute arbitrary code or compromise the integrity of the WebScan software.
Like a game of chess, app security boils down to a series of attacks and countermoves, and developers need to do what they can during production before they become another hacker’s pawn. But one expert says that's easier said than done.
Last week Google launched an open-source project hosting service for professional software developers as part of its Google Code offerings.
A three-way collaboration has enabled FileMaker to roll out the first public beta preview of a new Application Programming Interface (API) for the popular PHP open-source scripting language.
Vendors are quick to tout SOA simplicity but some warn the process often brings unforeseen strain to IT environments.
While industry observers have viewed Microsoft's Windows and Office Live initiative as risky business, newly installed Chief Software Architect Ray Ozzie on Thursday said it is much closer to a natural evolution given the company's capabilities and heritage as a software platforms company.
Two specifications are helping developers navigate the stormy waters of SOA implementation; Service Component Architecture (SCA) and Service Data Objects (SDO) are two ways vendors hope to simplify the process.
Q&A: John Landry discusses his latest venture, Adesso Systems, which offers technology that allows IT developers to create, customize, and deploy distributed and mobile applications as quickly as low-level Web applications.
No patch is available yet for a Microsoft Windows flaw that could allow a remote attacker to crash the system and produce a blue screen.
Forrester Research characterizes the Office 2007 system as a “serious” app platform that offers enterprise developers another option for building customized Windows clients and collaboration applications.
Oracle Corp. today released the long-awaited overhaul of its database design and ETL (extraction, transformation and load) tool, Warehouse Builder 10g, Release 2 (formerly code-named "Paris").