Software packages with more than 2 billion weekly downloads hit in supply-chain attack

Hackers planted malicious code in open source software packages with more than 2 billion weekly updates in what is likely to ...
CPO Magazine

Supply Chain Attack Infects Nearly 20 Popular NPM Packages with Billions of Weekly Downloads

Hackers injected malicious code into nearly a dozen 20 NPM packages with billions of weekly downloads in a software supply chain attack after phishing a maintainer’s account.
HealthcareInfoSecurity

Hackers Compromise 18 NPM Packages in Supply Chain Attack

A hacker laced 18 popular npm packages with cryptocurrency stealing malware after socially engineering the developer into ...
InfoWorldOpinion

NPM attacks and the security of software supply chains

Process improvements and a closer look at funding streams will provide far more protection for the open source software we ...
Nature

News & Views

Rising temperatures and the introduction of non-native fishes have been linked to rapid changes in fish communities across the United States. Immune cells can target cancer in the clinic. The ability ...