Nieuws

Cybernews

Hundreds of NPM packages compromised as ongoing supply chain attack snowballs out of control

Halud, is compromising hundreds of NPM packages, spreading self-replicating malware, exfiltrating data, and turning private ...
InfoWorld

Inside NPM: Building and sharing JavaScript packages

The Node Package Manager, NPM, has become a powerful and important tool, supporting many different JavaScript frameworks — including JQuery, AngularJS, and React JS. If you’re building JavaScript ...
SecurityWeek

Shai-Hulud Supply Chain Attack: Worm Used to Steal Secrets, 180+ NPM Packages Hit

Shai-Hulud is the third major supply chain attack targeting the NPM ecosystem after the s1ngularity attack and the recent ...
Krebs on Security

Self-Replicating Worm Hits 180+ Software Packages

The novel malware strain is being dubbed Shai-Hulud — after the name for the giant sandworms in Frank Herbert’s Dune novel ...
The Hacker News

Self-Replicating Worm Hits 180+ npm Packages to Steal Credentials in Latest Supply Chain Attack

"Each published package becomes a new distribution vector: as soon as someone installs it, the worm executes, replicates, and ...
ZDNet

Another one-line npm package breaks the JavaScript ecosystem

An update to a tiny JavaScript library has thrown a large part of the JavaScript ecosystem into chaos on Saturday, with millions of projects believed to have been impacted. Making the entire situation ...
TechCrunch

Popular JavaScript Package Manager Npm Raises $8M, Launches Private Modules

Most JavaScript developers are familiar with the npm package manager, which was originally developed by Isaac Schlueter. What many probably don’t know is that npm is also a company co-founded by ...