News
Qix is an open source maintainer account that was compromised by a phishing attack. This allowed attackers to infect 18 popular npm packages with malicious code. Together, these packages are ...
Not so long ago the only thing I needed to learn in order to create plugins for my blogs was PHP. I could farm out the JavaScript and CSS parts of development to freelancers. With the recent versions ...
Shai-Hulud is the third major supply chain attack targeting the NPM ecosystem after the s1ngularity attack and the recent ...
A cryptocurrency thief got into the npm account of a hard-working developer via spearphishing. node.js packages with billions ...
Security researchers have identified at least 187 npm packages compromised in an ongoing supply chain attack. The coordinated ...
"Each published package becomes a new distribution vector: as soon as someone installs it, the worm executes, replicates, and ...
Some results have been hidden because they may be inaccessible to you
Show inaccessible results
Feedback