NodeSource’s Certified Modules service, intended to ensure the safety of NPM modules, becomes generally available on Thursday. Previously available only in a private beta stage, the service for ...
The node-ipc developer attempt to protest Russia's attack on Ukraine has the unintended consequence of casting more doubt in software supply chain integrity. The developer of a popular JavaScript ...
Version 1.30 of the Deno JavaScript/TypeScript runtime, published late January 2023, emphasizes support for built-in Node.js modules and offers a major update to the configuration file. With Deno, npm ...
Hackers have injected credential-stealing malware into newly published versions of node-ipc, a popular inter-process communication package, in a new supply chain attack targeting npm. The node-ipc ...
A poisoned npm package infected 140+ projects with a hidden payload. This report highlights how to detect, hunt, and defend ...