News
The Register on MSN14d
Not pretty, not Windows-only: npm phishing attack laces popular packages with malwareThe "is" package was infected with cross-platform malware after a scam targeting maintainers The popular npm package "is" was ...
The popular NPM package 'is' has been compromised in a supply chain attack that injected backdoor malware, giving attackers ...
In a newly discovered supply chain attack, attackers last week targeted a range of npm-hosted JavaScript type testing ...
The Node Package Manager (NPM) is the default package manager for the JavaScript runtime environment Node.js. It is used to install libraries, share packages with the community, manage ...
In February, JFrog found 25 malicious npm packages containing Discord token stealers. Many of these packages mimicked colors.js, open source software for using colored text on node.js -- before ...
Hackers compromised Toptal's GitHub organization account and used their access to publish ten malicious packages on the Node ...
“While there was a drop in instances of malware discovered on open-source repositories like npm and PyPI in 2024, threat actors have not lost interest in promoting malicious packages to open ...
Threat actors have been observed uploading over 15,000 spam packages to the npm open-source JavaScript repository from multiple user accounts within hours. The claims come from JavaScript developer ...
The Node Package Manager, NPM, has become a powerful and important tool, supporting many different JavaScript frameworks — including JQuery, AngularJS, and React JS. If you’re building ...
Some results have been hidden because they may be inaccessible to you
Show inaccessible results
Feedback