News

Malware found in NPM packages with 1 million weekly downloads
A significant supply chain attack hit NPM after 15 popular Gluestack packages with over 950,000 weekly downloads were ...
Popular NPM packages with over a million downloads hit by malware
NPM packages with more than a million weekly downloads were compromised to deliver a RAT The attack could turn into a major ...
Ars Technica29d
Destructive malware available in NPM repo went unnoticed for 2 years
Researchers have found malicious software that received more than 6,000 downloads from the NPM repository over a ... for JavaScript developers, including React, Vue, and Vite.