SecurityWeek

GitHub Boosting Security in Response to NPM Supply Chain Attacks

In the light of recent supply chain attacks targeting the NPM ecosystem, GitHub will implement tighter authentication and ...
Cybernews

Hundreds of NPM packages compromised as ongoing supply chain attack snowballs out of control

Halud, is compromising hundreds of NPM packages, spreading self-replicating malware, exfiltrating data, and turning private ...
The Hacker News

Self-Replicating Worm Hits 180+ npm Packages to Steal Credentials in Latest Supply Chain Attack

"Each published package becomes a new distribution vector: as soon as someone installs it, the worm executes, replicates, and ...

Massive NPM crypto hack drained only $50

Crypto intelligence platform Security Alliance released a report on Sep. 8 to reveal that Ethereum and Solana wallets have ...

This 2FA phishing scam pwned a developer - and endangered billions of npm downloads

A new digital supply chain attack has targeted popular open-source npm packages with at least two billion downloads per week. On Sept. 8, Josh Junon, a package maintainer whose account was at the ...
InfoWorld

What is Deno? A ‘better’ Node.js

If you like Node.js but not its package manager npm, or you want a more secure JavaScript runtime environment than Node.js, you might find the new open source project Deno of interest (the word Deno ...

Ledger CTO warns of shocking NPM attacks by crypto hackers

Charles Guillemet, CTO at the crypto wallet platform Ledger, warned the crypto community to be cautious while executing ...