News
On September 8, 2025, a single phishing email triggered one of npm’s most damaging supply chain attacks, compromising 18 ...
Qix is an open source maintainer account that was compromised by a phishing attack. This allowed attackers to infect 18 popular npm packages with malicious code. Together, these packages are ...
JavaScript’s low bar to entry has resulted in one of the richest programming language ecosystems in the world. This month’s ...
Hackers planted malicious code in open source software packages with more than 2 billion weekly updates in what is likely to ...
In a supply chain attack, attackers injected malware into NPM packages with over 2.6 billion weekly downloads after ...
A cryptocurrency thief got into the npm account of a hard-working developer via spearphishing. node.js packages with billions ...
Multiple npm packages have been compromised by a phishing attack in an attempt to spread crypto malware to billions of victims.
Some results have been hidden because they may be inaccessible to you
Show inaccessible results
Feedback