Recently, security researchers Socket found 10 packages on npm targeting software developers, specifically those who use the ...
Attackers are exploiting a major weakness that has allowed them access to the NPM code repository with more than 100 credential-stealing packages since August, mostly without detection.
Having another security threat emanating from Node.js’ Node Package Manager (NPM) feels like a weekly event at this point, ...
The ongoing ‘PhantomRaven’ malicious campaign has infected 126 npm packages to date, representing 86,000 downloads ...
Ten malicious packages mimicking legitimate software projects in the npm registry download an information-stealing component ...
If you like Node.js but not its package manager npm, or you want a more secure JavaScript runtime environment than Node.js, you might find the new open source project Deno of interest (the word Deno ...
An active campaign named 'PhantomRaven' is targeting developers with dozens of malicious npm packages that steal ...
A major attack on the supply chain for software packages for the widely used JavaScript runtime environment node.js was discovered on Monday. The attacker has injected obfuscated malicious code into ...
There's now more evidence that Microsoft's language for scaled-up JavaScript, TypeScript, is becoming an essential for developers building for the internet. Developer analyst firm RedMonk last month ...
Some results have been hidden because they may be inaccessible to you
Show inaccessible results
Feedback