GitHub’s The Download, hosted by the GitHub team, covers a high-profile npm supply chain attack, new AI platforms like NVIDIA Rubin, VS Code Dev Days, and major updates in coding, security, and DevOps.

The Download: npm Supply Chain Attack, NVIDIA Rubin Platform, VS Code Dev Days & More

Major npm Supply Chain Attack

A critical security incident involving a supply chain attack targeted several npm packages. This episode breaks down the timeline of events, the impact on the JavaScript ecosystem, and key steps developers should take to protect their dependencies.

AI News: NVIDIA Unveils Rubin Platform

NVIDIA has introduced its next-generation Rubin platform, signaling major advances in AI hardware performance. The episode highlights what makes Rubin noteworthy and how it may influence machine learning workloads.

Language Model Hallucinations

Why do AI language models hallucinate? The episode explores fundamental reasons behind this phenomenon, how it affects developers, and ongoing research in the space.

DevOps & Coding Updates

Remote GitHub MCP Server General Availability: GitHub announced that its remote MCP server is now generally available, enabling new development workflows for distributed teams.
VS Code Dev Days Announced: The episode previews the upcoming VS Code Dev Days event, which will feature workshops, sessions, and new features for the Visual Studio Code ecosystem.
GitHub Universe 2025: Details on the next GitHub Universe conference are shared, offering a glimpse into the company’s future developer initiatives.

This Week’s News Roundup

Additional topics include Google’s EmbeddingGemma for edge devices and a look at Trackio, a new tool designed for ML experiment tracking. The program concludes with a roundup of the week’s most important developer and DevOps news.

Stay updated by subscribing to GitHub’s channels on YouTube, blog, and social media to follow the latest in software development, security, AI, and infrastructure.