Security News

One-in-two JavaScript project audits by NPM tools sniff out at least one vulnerability...

2018-08-22 19:57

...and those devs are then applying patches, we hope JavaScript library custodian NPM, after years of security scrambling, looks to be getting a grip on its code safety.…

#audit #javascript #NPM #tools #vulnerability

Now Pushing Malware: NPM package dev logins slurped by hacked tool popular with coders

2018-07-12 20:13

Tokens killed after eslint-scope JavaScript utility compromised An unfortunate chain reaction was averted today after miscreants tampered with a widely used JavaScript programming tool to steal...

#hacked #malware #NPM

Backdoored Module Removed from npm Registry

2018-05-04 14:38

A malicious package masquerading as a cookie parsing library but delivering a backdoor instead was unpublished from the npm Registry along with three other packages. read more

#NPM

Attackers Use Typo-Squatting To Steal npm Credentials (Threatpost)

2017-08-04 21:24

Criminals used a typo-squatting technique and uploaded rogue JavaScript libraries to a popular code repository npm.

#credential #NPM #threatpost

A research on credentials leakage affecting Node packages (bonus: npm bug) (Reddit)

2015-12-08 07:38

#credential #NPM #reddit #research

Security News {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Security News"}]}