GitLab announced the general availability of GitLab Duo with Amazon Q.
Code Intelligence is adding support for JavaScript into OSS-Fuzz, Google’s platform for continuous fuzzing for open-source software.
JavaScript is one of the most widely used programming languages, especially in the context of web applications. However, security testing for the JavaScript landscape is insufficient, due to a lack of reliable security tools and good integration to common development environments. As part of Code Intelligence's initiative to develop advanced fuzzing and bug detection capabilities for memory-safe languages, it recently released Jazzer.js, a state-of-the-art fuzz testing engine that brings the advancements of white-box fuzzing into the JavaScript ecosystem.
The integration of Jazzer.js into OSS-Fuzz will be the second major language integration from Code Intelligence into Google’s open-source security testing service, for which Code Intelligence provides a complete and advanced fuzzing and bug detection solution. The company’s previous fuzz testing integration into OSS-Fuzz, for Java projects, has already contributed to finding over 500 critical bugs and security vulnerabilities, including remote code execution (such as Log4Shell), Cross-Site Scripting, and injections.
OSS-Fuzz integrates advanced, industry-standard fuzzing technologies for the languages it supports. As part of their collaboration, Code Intelligence has been a strong contributor to OSS-Fuzz for memory-safe languages, such as Java and Go:
“We’ve continuously made improvements to OSS-Fuzz’s infrastructure over the years and expanded our language offerings to cover C/C++, Go, Rust, Java, Python, and Swift, and have introduced support for new frameworks such as FuzzTest.” says Oliver Chang, Senior Staff Engineer at Google’s OSS Fuzzing Team. “Additionally, as part of an ongoing collaboration with Code Intelligence, we’ll soon have support for JavaScript fuzzing through Jazzer.js.”
Jazzer.js is free, open-source, and offers a Jest testing framework integration, so developers can write fuzz tests as easily as unit tests. Furthermore, Jazzer.js is released into the node package manager (npm) so that it is easily accessible by developers. As a result, developers can benefit from excellent integration into their integrated development environments (IDEs), such as IntelliJ and Visual Studio Code, out-of-the-box.
“Our mission is to give every developer the necessary tools to write more secure code.”, says Khaled Yakdan, Chief Scientist and Co-Founder of Code Intelligence. “I’m very glad about the collaboration with Google’s Open-Source Security Team. This will help in making the JavaScript ecosystem more reliable and secure.”
Jazzer.js enables coverage-guided fuzzing for JavaScript and the Node.js.
Industry News
Perforce Software and Liquibase announced a strategic partnership to enhance secure and compliant database change management for DevOps teams.
Spacelift announced the launch of Saturnhead AI — an enterprise-grade AI assistant that slashes DevOps troubleshooting time by transforming complex infrastructure logs into clear, actionable explanations.
CodeSecure and FOSSA announced a strategic partnership and native product integration that enables organizations to eliminate security blindspots associated with both third party and open source code.
Bauplan, a Python-first serverless data platform that transforms complex infrastructure processes into a few lines of code over data lakes, announced its launch with $7.5 million in seed funding.
Perforce Software announced the launch of the Kafka Service Bundle, a new offering that provides enterprises with managed open source Apache Kafka at a fraction of the cost of traditional managed providers.
LambdaTest announced the launch of the HyperExecute MCP Server, an enhancement to its AI-native test orchestration platform, HyperExecute.
Cloudflare announced Workers VPC and Workers VPC Private Link, new solutions that enable developers to build secure, global cross-cloud applications on Cloudflare Workers.
Nutrient announced a significant expansion of its cloud-based services, as well as a series of updates to its SDK products, aimed at enhancing the developer experience by allowing developers to build, scale, and innovate with less friction.
Check Point® Software Technologies Ltd.(link is external) announced that its Infinity Platform has been named the top-ranked AI-powered cyber security platform in the 2025 Miercom Assessment.
Orca Security announced the Orca Bitbucket App, a cloud-native seamless integration for scanning Bitbucket Repositories.
The Live API for Gemini models is now in Preview, enabling developers to start building and testing more robust, scalable applications with significantly higher rate limits.
Backslash Security(link is external) announced significant adoption of the Backslash App Graph, the industry’s first dynamic digital twin for application code.
SmartBear launched API Hub for Test, a new capability within the company’s API Hub, powered by Swagger.
Akamai Technologies introduced App & API Protector Hybrid.