A major JavaScript supply-chain attack has compromised hundreds of software packages — including at least 10 used widely ...
Approximately 640 NPM packages have been infected with a new variant of the Shai-Hulud self-replicating worm in a fresh wave of attacks.
Charlie Eriksen, a researcher at Aikido, identified the infected libraries and confirmed each detection manually to minimize ...
Shai Hulud malware has infected hundreds of NPM libraries, including major ENS and crypto packages, triggering a JavaScript ...
Shai-Hulud malware infiltrates 490 NPM packages, stealing API keys and credentials from ENS and major crypto development ...
A new version of the Shai-Hulud worm has infected hundreds of npm packages and caused disruption to global CI/CD workflows ...
Sha1-Hulud malware is an aggressive npm supply-chain attack compromising CI/CD and developer environments. This blog addresses frequently asked questions and advises cloud security teams to ...
The Node Package Manager (npm) team avoided a disaster today when it discovered and blocked the distribution of a cleverly hidden backdoor mechanism inside a popular —albeit deprecated— JavaScript ...
GitHub, the developer repository owned by Microsoft, made a little deal of its own this morning when it bought JavaScript packaging vendor npm for an undisclosed amount. As GitHub CEO Nat Friedman ...
Microsoft continues its push towards open source development with its acquisition of npm. When you purchase through links on our site, we may earn an affiliate commission. Here’s how it works.
Results that may be inaccessible to you are currently showing.
Hide inaccessible results
Feedback