Dark Reading

JFrog's New Tools Flag Malicious JavaScript Packages

DevOps security firm JFrog released three open source security tools in response to recent issues with software registry npm to help JavaScript developers detect and prevent the installation of ...
InfoQ

The Deno Team Releases JSR, a New JavaScript Package Registry

A monthly overview of things you need to know as an architect or aspiring architect. Unlock the full InfoQ experience by logging in! Stay updated with your favorite authors and topics, engage with ...
InfoWorld

Inside NPM: Building and sharing JavaScript packages

The Node Package Manager, NPM, has become a powerful and important tool, supporting many different JavaScript frameworks — including JQuery, AngularJS, and React JS. If you’re building JavaScript ...
InfoQ

vlt Introduces New JavaScript Package Manager and Serverless Registry

A monthly overview of things you need to know as an architect or aspiring architect. Unlock the full InfoQ experience by logging in! Stay updated with your favorite authors and topics, engage with ...
CSOonline

NPM JavaScript registry suffers massive influx of malware, report says

The NPM JavaScript registry has experienced a jump in malware, including packages related to data theft, crypto mining, botnets, and remote code execution, according to security company WhiteSource.
MyBroadband

Researchers discover rogue Node.js packages stealing data

Security researchers from ReversingLabs discovered that 25 software packages available through the node package manager (NPM) have been stealing end-user data. NPM is the world’s largest open-source ...