News
"debug" package attack failed; malicious update detected early, minimal impact. Developers urged to check their installations ...
Multiple npm packages have been compromised by a phishing attack in an attempt to spread crypto malware to billions of victims.
GitHub Copilot is your AI coding assistant and will help you code faster, debug smarter, and learn to write in new ...
Aikido Security Ltd. today disclosed what is being described as the largest npm supply chain compromise to date, after ...
In a supply chain attack, attackers injected malware into NPM packages with over 2.6 billion weekly downloads after ...
Warp, the Agentic Development Environment, for Windows, macOS and Linux has launched a suite of new features to improve ...
A large-scale supply chain attack on the JavaScript ecosystem has prompted an urgent warning from Ledger’s chief technology ...
An attack targeting the Node.js ecosystem was just identified — but not before it compromised 18 npm packages that account ...
On September 8, 2025, a single phishing email triggered one of npm’s most damaging supply chain attacks, compromising 18 ...
Billions (No, that's not a typo, Billions with a capital B) of files were potentially compromised. If you thought Node Package Manager (npm), the Billions of downloads were potentially compromised ...
Qix is an open source maintainer account that was compromised by a phishing attack. This allowed attackers to infect 18 popular npm packages with malicious code. Together, these packages are ...
Malware hidden in widely used libraries like chalk and debug hijacked crypto transactions via browser APIs, exposing deep ...
Some results have been hidden because they may be inaccessible to you
Show inaccessible results
Feedback