Security News
Account hijacking claimed by some but it may just be a developer behaving badly Another JavaScript package in the npm registry - the installer for PureScript - has been tampered with, leading...
Cryptocurrency users narrowly escaped losing all their funds last week after an attacker poisoned a digital wallet with malicious code that stole their blockchain access details.
What a wild ride, eh Komodo? Blockchain biz Komodo this week said it had used a vulnerability discovered by JavaScript package biz NPM to take control of some older Agama cryptocurrency wallets to...
NPM is working to course-correct after 2018 brought a handful of major incidents that caused usability and security headaches for system administrators.
Node.js package tried to plunder Bitcoin wallets A widely used Node.js code library in NPM's warehouse of repositories was altered to include crypto-coin-stealing malware. The lib in question,...
...and those devs are then applying patches, we hope JavaScript library custodian NPM, after years of security scrambling, looks to be getting a grip on its code safety.…
Tokens killed after eslint-scope JavaScript utility compromised An unfortunate chain reaction was averted today after miscreants tampered with a widely used JavaScript programming tool to steal...
A malicious package masquerading as a cookie parsing library but delivering a backdoor instead was unpublished from the npm Registry along with three other packages. read more
Criminals used a typo-squatting technique and uploaded rogue JavaScript libraries to a popular code repository npm.
