Unlock the full InfoQ experience by logging in! Stay updated with your favorite authors and topics, engage with content, and download exclusive resources. Ramya Krishnamoorthy shares a detailed case ...
A critical vulnerability in the popular expr-eval JavaScript library, with over 800,000 weekly downloads on NPM, can be ...
A monthly overview of things you need to know as an architect or aspiring architect. Unlock the full InfoQ experience by logging in! Stay updated with your favorite authors and topics, engage with ...
An apparent "Dune" aficionado is responsible for perpetrating the first self-propagating attack on the npm JavaScript repository in what a security company has described as being one of the most ...
Recently, security researchers Socket found 10 packages on npm targeting software developers, specifically those who use the ...
The NPM JavaScript registry has experienced a jump in malware, including packages related to data theft, crypto mining, botnets, and remote code execution, according to security company WhiteSource.
OAKLAND, Calif.--(BUSINESS WIRE)--npm, Inc., the open source JavaScript developer tools provider and operator of the world’s largest software registry, today announced npm Pro, the first professional ...
Ten typosquatted npm packages (Jul 4, 2025) delivered a 24MB PyInstaller info stealer using 4 obfuscation layers; ~9,900 ...
Ten malicious packages mimicking legitimate software projects in the npm registry download an information-stealing component ...
Some results have been hidden because they may be inaccessible to you
Show inaccessible results
Feedback