InfoWorld

The rise of Node.js: JavaScript graduates to the server

Although it is just three years old, Node.js is gaining traction as an application development platform, letting developers ...

Major attack on node.js

A cryptocurrency thief got into the npm account of a hard-working developer via spearphishing. node.js packages with billions ...
InfoWorld

Explore Bun.js: The all-in-one JavaScript runtime

Bun is an ambitious project that is quickly emerging as a drop-in replacement and faster alternative to Node.js. Here's a look at ...
Securities.io

NPM Supply-Chain Attack: What Happened and How to Fix It

Qix is an open source maintainer account that was compromised by a phishing attack. This allowed attackers to infect 18 popular npm packages with malicious code. Together, these packages are ...

New NPM attack: Self-replicating malware infects dozens of packages

It is possible that the attackers behind this attack are the same ones as last time. Their malicious code bears the name of a prominent science fiction monster.

Malware Injected Into Code Packages That Get 2 Billion+ Downloads Each Week

An attack targeting the Node.js ecosystem was just identified — but not before it compromised 18 npm packages that account ...

Warning about data-stealer spreading through software used by millions of programmers

Security researchers worldwide are warning about a supply-chain attack on the Node Package Manager (NPM), where a ...

Crypto users urged to take extreme care as NPM attack hits core JavaScript libraries

Hackers hijacked NPM libraries in a massive supply chain attack, injecting malware that swaps crypto wallet addresses to steal funds.