Tag: npm

A recent cybersecurity campaign has targeted the npm package repository with malicious JavaScript libraries designed to infect Roblox users with...

A recent security investigation has revealed a significant threat to JavaScript developers within the npm (Node Package Manager) ecosystem...

Cybersecurity researchers have uncovered a series of malicious npm packages designed to target Ethereum wallet developers, introducing an...

Cybersecurity researchers are increasingly sounding the alarm about the vulnerability of open-source ecosystems to supply chain attacks...

The npm package registry faced a surge of over 3,000 packages, prominently featuring one named "everything." This package, designed to download every

The OpenSSF Package Analysis team has introduced the groundbreaking "Malicious Packages Repository," marking the launch of the first open-source system

A wave of malicious npm and PyPI packages has emerged, posing a serious threat to software developers. This campaign, which commenced on September 12

An ongoing threat involving malicious npm packages has emerged, aiming to compromise developers and pilfer valuable source code and configuration files

The npm package registry has become the focal point of a meticulously targeted attack campaign, designed to lure developers.

A security researcher and system administrator have addressed the issue of "manifest confusion" in packages from the NPM JavaScript software registry