Members of Microsoft Visual Studio Dev Essentials are getting free six-month access to Syncfusion’s JavaScript UI controls in the Essential JS 2 suite.

The suite contains over 60 controls that include a grid, chart and scheduler with complete support for Angular, React and Vue frameworks, according to Syncfusion.

“We appreciate the inclusion of the Syncfusion Essential JS 2 suite as a valuable addition to our offerings for developers,” said Cliff Simpkins director of developer audience marketing at Microsoft Corp. “Developers using JavaScript now have access to a wide range of additional controls to help accelerate their web app development.”

WSO2 and Ping Identity partner on API protection
WSO2 and Ping Identity announced a new partnership to provide AI-powered cyber-attack protection for APIs within the WSO2 API Manager.

Ping Identity uses AI models to inspect and report on all API activity and blocks threats like stolen token, cookies, or API keys, attacks on login systems, remote application control, DoS and DDoS and reverse engineering the API by a hacker looking like a normal user.  

Gartner predicts that by 2022, API abuses will be the most-frequent attack vector resulting in data breaches for enterprise web applications.

MongoDB achieves two security benchmarks
MongoDB announced that its has been recommended for ISO/IEC 27001:2013 accredited registration, establishing itself as an information security management system (ISMS).

MongoDB also received Security Technical Implementation Guide (STIG) approval by the U.S. Department of Defense (DoD) ,allowing it to be deployed within certain DoD networks.

STIGs have been issued since 1998 and they contain technical guidance to “lock down” information systems and software that might otherwise be vulnerable to a malicious computer attack, according to MongoDB.

npm Inc. blocks malware attempt
Npm revealed it blocked a malicious attack on Tuesday, June 4th in collaboration with Komodo, which protected $13 million in cryptocurrency assets. Npm operates a public registry of reusable, open-source library packages.

The attack focused on getting a malicious package into the build chain for Agama and stealing the wallet seeds and other login passphrases used within the application, and npm, Inc. explained these attacks are increasingly common.

Users of npm will be automatically notified via npm audit if they encounter this malicious dependency in their projects, according to the company’s post.