InfoWorld

NPM 2.0 courts enterprises with Node.js module management

NPM, the standard package manager used with Node.js, enjoyed a 2.0 release this past week. Outfitted with new features and fixes, its release process has also been revised to satisfy both those who ...
Bleeping Computer

NPM nukes NodeJS malware opening Windows, Linux reverse shells

NPM has removed multiple packages hosted on its repository this week that established connection to remote servers and exfiltrated user data. These 4 packages had collected over 1,000 total downloads ...
ZDNet

Show-stopping bug appears in npm Node.js package manager

Are you a developer who uses npm as the package manager for your JavaScript or Node.js code? If so, do not -- I repeat do not -- upgrade to npm 5.7.0. Nothing good can come of it. As one user reported ...