Dangerous npm packages are targeting developer credentials on Windows, Linux and Mac - here's what we know

Recently, security researchers Socket found 10 packages on npm targeting software developers, specifically those who use the ...
heise online

Major attack on node.js

A major attack on the supply chain for software packages for the widely used JavaScript runtime environment node.js was discovered on Monday. The attacker has injected obfuscated malicious code into ...