npm

#npm

63 articles tagged
Developer uses AI to catch malicious npm repo
Cybersecurity

Developer uses AI to catch malicious npm repo

6/17/2026
GitHub Will Turn Off npm Install Scripts by Default in Version 12 to Curb Supply Chain Attacks
Vulnerabilities

GitHub Will Turn Off npm Install Scripts by Default in Version 12 to Curb Supply Chain Attacks

6/11/2026
GitHub overhauls npm install defaults to choke off supply-chain attacks
Cybersecurity

GitHub overhauls npm install defaults to choke off supply-chain attacks

6/11/2026
GitHub Disables npm's Auto-Run Install Scripts, Closing the Door Shai-Hulud Walked Through
Security

GitHub Disables npm's Auto-Run Install Scripts, Closing the Door Shai-Hulud Walked Through

6/10/2026
npm v12 will turn off lifecycle scripts and Git installs by default
Security

npm v12 will turn off lifecycle scripts and Git installs by default

6/10/2026
Malicious npm releases found in dozens of @redhat-cloud-services packages
Vulnerabilities

Malicious npm releases found in dozens of @redhat-cloud-services packages

6/1/2026
OpenAI Codex Tokens Hijacked in npm Supply‑Chain Attack on codexui‑android
Vulnerabilities

OpenAI Codex Tokens Hijacked in npm Supply‑Chain Attack on codexui‑android

6/1/2026
Typosquatted npm Packages Expose Multi-Cloud Environments to Credential Theft
Vulnerabilities

Typosquatted npm Packages Expose Multi-Cloud Environments to Credential Theft

5/29/2026
Vulnerabilities

Supply Chain Compromises Impact Nx Console and GitHub Repositories – CISA Alert

5/28/2026
npm Supply‑Chain Slip‑Up Exposes GitHub Tokens and Triggers Data‑Protection Alerts
Vulnerabilities

npm Supply‑Chain Slip‑Up Exposes GitHub Tokens and Triggers Data‑Protection Alerts

5/27/2026
Malicious npm Package Exfiltrated Claude AI Files via GitHub – What Developers Need to Know
Vulnerabilities

Malicious npm Package Exfiltrated Claude AI Files via GitHub – What Developers Need to Know

5/27/2026
TrapDoor Supply Chain Attack Spreads Credential-Stealing Malware Across npm, PyPI, and CratesIO
Security

TrapDoor Supply Chain Attack Spreads Credential-Stealing Malware Across npm, PyPI, and CratesIO

5/25/2026
npm Introduces 2FA-Gated Publishing and Package Controls to Combat Supply Chain Attacks
Security

npm Introduces 2FA-Gated Publishing and Package Controls to Combat Supply Chain Attacks

5/24/2026

Popular Tags

#AI (3732)#Security (1358)#Open Source (1053)#privacy (893)#Hardware (874)#Apple (803)#Remote Code Execution (778)#API (754)#Microsoft (750)#Windows (702)#Infrastructure (687)#regulation (676)#Reddit (635)#Cloud (595)#Trends (580)#Linux (579)#Cybersecurity (573)#Gaming (531)#Performance (502)#Business (490)#Supply Chain (468)#Vulnerabilities (452)#Developer Tools (410)#OpenAI (403)#Android (393)#Rust (383)#Automation (379)#Samsung (377)#Machine Learning (376)#Azure (358)#LLMs (354)#Nvidia (348)#Battery (346)#Authentication (337)#Anthropic (324)#DevOps (316)#China (313)#AMD (307)#Patch Management (304)#Patch (302)#Productivity (299)#Developer (296)#GPU (290)#LLM (287)#iOS (279)#Intel (279)#Linux kernel (275)#Camera (274)#CVE (274)#Cloudflare (265)