News

Major attack on node.js

A cryptocurrency thief got into the npm account of a hard-working developer via spearphishing. node.js packages with billions ...
Bitcoin Magazine5d

NPM Attack: Javascript Library Compromise Goes After Bitcoin Wallets

NPM developer qix's account compromise potentially puts user funds at risk by compromising library dependencies used by ...
Securities.io2d

NPM Supply-Chain Attack: What Happened and How to Fix It

Qix is an open source maintainer account that was compromised by a phishing attack. This allowed attackers to infect 18 popular npm packages with malicious code. Together, these packages are ...
Forbes8mon

15 Reasons To Choose Node.js For Product Development In 2025

Staying ahead of the curve is no longer a choice. It has become a necessity. As of November 2024, Node.js powers 3.9% of websites globally, according to Web Technology Surveys. That includes giants ...

JavaScript packages with billions of downloads were injected with malicious code in world's largest supply chain hack, geared to steal crypto — a phishin…

JavaScript packages with billions of downloads were compromised by an unknown threat actor looking to steal cryptocurrency.

Crypto users urged to take extreme care as NPM attack hits core JavaScript libraries

Hackers hijacked NPM libraries in a massive supply chain attack, injecting malware that swaps crypto wallet addresses to steal funds.

Bun JS toolkit adds MySQL driver, secrets API, YAML, and more

Bun.secrets, also new in this release, is a native secrets manager for CLI (command-line interface) tools and local development. On macOS, it uses the Keychain, on Linux it uses libsecret, and on ...