Hackers planted malicious code in open source software packages with more than 2 billion weekly updates in what is likely to ...

Billions (No, that's not a typo, Billions with a capital B) of files were potentially compromised. If you thought Node Package Manager (npm), the Billions of downloads were potentially compromised ...

In a supply chain attack, attackers injected malware into NPM packages with over 2.6 billion weekly downloads after ...

Ledger CTO cautions users to halt crypto transactions due to a mass NPM attack that hijacks wallets and loots money.

Npm packages are reusable blocks of JavaScript code published to the Node Package Manager registry that developers can ...

Hackers hijacked popular web code to steal crypto. Users must check every wallet transaction to avoid losing funds.

Hackers launched the largest NPM crypto attack in history and compromised 18 JavaScript packages with billions of downloads.

What could have been a historic supply chain attack seems to have been averted due to the rapid response of the open source ...

On September 8, 2025, a single phishing email triggered one of npm’s most damaging supply chain attacks, compromising 18 ...

An escalating npm supply chain attack has compromised dozens of foundational JavaScript packages to spread malware and drain ...

The AWS SDK for JavaScript v2 has reached end-of-support on September 8, 2025. It will no longer receive updates or releases. Previously published versions are available on npm at aws-sdk, and source ...

A JavaScript implementation of gRPC for browser clients. For more information, including a quick start, see the gRPC-web documentation. gRPC-web clients connect to gRPC services via a special proxy; ...