All newsletters
2026-06-06
2 min read
BrowserDevOpsDatabasesSecurityOpen SourceDev ToolsFrameworksAI Tools

Chrome 149 Patches 429 Vulnerabilities & Brave Origin Charges $60 & TanStack Start Full-Stack Framework

Chrome 149 rolls out with 429 security patches, Brave launches a paid stripped-down browser variant, and TanStack Start enables type-safe full-stack React development.

AI Coding Tools

  • Junie CLI adds non-blocking follow-up prompts, letting you type clarifications while the assistant works on tasks without waiting for completion. Read more

Frameworks & Libraries

  • TanStack Start is now available as the application layer for full-stack React and Solid apps, using a type-safe route model across the stack. Read more

Browser & Web Platform

  • Chrome 149.0.7827.53 ships with 429 security patches for Linux, Windows, and macOS, addressing critical vulnerabilities including CVE-2026-10901 (use-after-free in Passwords), CVE-2026-10892 (out-of-bounds write in GPU), and CVE-2026-10966 (sandbox escape in Codecs). Read more
  • Brave Origin, a paid stripped-down variant, removes email aliases, Leo AI, VPN, Brave Wallet, and Speedreader for $60 one-time on desktop and Android; free on Linux with unlimited device activations. Read more

DevOps & Cloud

  • Cloudflare AI Gateway now features real-time spend limits to prevent runaway token bills across multiple AI providers, integrated with Cloudflare Access for cost control. Read more

Databases & Data

  • ClickHouse released guidance on monitoring SLAs and scaling ClickHouse Cloud using clickhousectl with per-workload query tagging and agent-based remediation. Read more
  • Pinecone Nexus early access customers report significant improvements in accuracy, latency, and costs using the knowledge engine in production environments. Read more

Security

  • CVE-2026-3300 (CVSS 9.8): Threat actors actively exploit a critical RCE vulnerability in Everest Forms Pro WordPress plugin affecting 4000+ sites. Read more
  • CVE-2026-20245: Cisco warns of an unpatched high-severity zero-day in Cisco Catalyst SD-WAN Manager actively exploited in attacks to gain root access. Read more
  • SolarWinds Serv-U flaw: CISA reports that hackers now actively exploit a recently patched high-severity vulnerability to crash servers. Read more

Open Source

  • Paperclip: An open-source Node.js/React platform for orchestrating teams of AI agents at work, positioning itself as the coordination layer above individual agent tools. Read more
  • Natively: A free, open-source AI interview copilot and meeting assistant that offers an alternative to Cluely and Final Round AI. Read more

Dev Tools & IDEs

  • WebStorm 2026.2 EAP 5 fixes TypeScript autocomplete for accessors incorrectly inserting parentheses and improves IDE feature detection. Read more

Enjoyed this issue?

Get this in your inbox

Join 1,000+ developers getting daily tech updates.

Subscribe free

More issues

OpenAI ChatGPT Dreaming Memory & Cloudflare Acquires VoidZero & PostgreSQL 19 Beta & Supabase $500M Series F

2026-06-05

Microsoft's MAI-Image Models Beat Nano Banana & Google's Gemma 4 Fits on Laptops & Chrome 150 Lands PWA Migration & VS Code Zero-Day Steals GitHub Tokens

2026-06-04

GitHub Copilot SDK GA & Chrome 149 CSS Gap Decorations & Redis 8.8 Array Type & Android Zero-Day Patch

2026-06-03