Nieuws

adtmag.com

Visual Studio Code Update Overloads npm Service, Forces Version Rollback

Microsoft said its Visual Studio Code 1.7 release overloaded the npmjs.org JavaScript package management service for Node.js, forcing a rollback to version 1.6.1. (Update: After this article was ...
InfoWorld

Visual Studio Code extension flags NPM vulnerabilities

Security developer Snyk has published a free extension for Microsoft’s popular Visual Studio Code editor that finds vulnerabilities in NPM packages. Introduced April 2, the open source Snyk Vuln Cost ...
Ars Technica

Hundreds of code libraries posted to NPM try to install malware on dev machines

An ongoing attack is uploading hundreds of malicious packages to the open source node package manager (NPM) repository in an attempt to infect the devices of developers who rely on code libraries ...
GitHub

Windows – install method keeps flipping (unknown ↔︎ npm-global) despite native install; want stable native setup

Warns of mismatch (config expects native, currently running npm-global). Then it flips config to global, tries npm view, and fails (code 1, empty stderr). Manual npm ...
Bleeping Computer

Compromised JavaScript Package Caught Stealing npm Credentials

A hacker has gained access to a developer's npm account and injected malicious code into a popular JavaScript library, code that was designed to steal the npm credentials of users who utilize the ...
GitHub

Serena MCP Server fails on Windows with npm command not found error (exit code 127)

When using Serena MCP server in Claude Code on Windows, the tool consistently fails during TypeScript Language Server initialization with npm install command returning exit status 127. This appears to ...