NPM

GitHub acts on npm security after Shai-Hulud worm attack

GitHub acts on npm security after Shai-Hulud worm attack

Enhanced trusted publishing to limit ongoing supply chain attacks.
Juha Saarinen Sep 29 2025 2:34PM Security
Phishing attack nets enormous npm supply chain compromise

Phishing attack nets enormous npm supply chain compromise

Developers targeted in new hacking campaign.
Juha Saarinen Sep 9 2025 12:54PM Security
Malware once again a headache for npm

Malware once again a headache for npm

Fortiguard finds data-thieving packages.
Richard Chirgwin Oct 4 2023 11:05AM Security
npm packages found hosting TurkoRat malware

npm packages found hosting TurkoRat malware

Typo-squatting attacks re-emerge.
Richard Chirgwin May 22 2023 11:55AM Security
Malware floods npm and PyPi registries in supply-chain attacks

Malware floods npm and PyPi registries in supply-chain attacks

Over 200 packages try to drop cryptominers.
Juha Saarinen Aug 22 2022 5:06AM Security
'Protestware' npm package dependency labelled supply-chain attack

'Protestware' npm package dependency labelled supply-chain attack

"Peacenotwar" npm module protests Russian invasion of Ukraine.
Juha Saarinen Mar 17 2022 11:52AM Security
Former SAP chief says 400k German jobs at risk from electric cars

Former SAP chief says 400k German jobs at risk from electric cars

Fewer parts, less maintenance.
Staff Writer Jan 14 2020 12:30PM Benchmarking Change
Unknown dev gets rights to popular module, adds crypto stealer

Unknown dev gets rights to popular module, adds crypto stealer

'Everything wrong with open source software security'.
Juha Saarinen Nov 27 2018 11:41AM Security

Log In

  |  Forgot your password?