Gizmodo

Massive Supply Chain Attack Targets Cryptocurrencies Through NPM

A phishing attack aimed at a particular software maintainer’s account has managed to compromise software packages that have over 2.6 billion weekly downloads. BleepingComputer, noting that the ...
InfoWorld

Safety in Node.js: NodeSource to certify NPM modules

NodeSource’s Certified Modules service, intended to ensure the safety of NPM modules, becomes generally available on Thursday. Previously available only in a private beta stage, the service for ...
TechSpot

Breach of npm threatens billions of weekly downloads in JavaScript ecosystem

What the Script: Supply chain attacks are traditionally designed to inflict maximum damage on structured organizations or companies. However, when such an attack compromises a supply chain that an ...