npm

Read news on npm with our app.

Read more in the app

Miasma campaign poisons 20-plus npm packages, hunts for developer secrets

NPM 12 Will Change Script Execution Behavior to Prevent Supply Chain Attacks

GitHub pulls pin on npm's auto-run scripts

Upcoming breaking changes for npm v12

Fake web3 Job interview deploys stealthy cross platform (macOS/Windows) malware via compromised NPM packages in take home assessment

Dozens of Red Hat packages backdoored through its official NPM channel

Malicious npm packages detected across Red Hat Cloud Services

Valid certificates, stolen accounts: how attackers broke npm's last trust signal

Staged publishing and new install-time controls for npm

Protect your enterprise now from the Shai-Hulud worm and npm vulnerability in 6 actionable steps

Show HN: Safe-install – safer NPM installs with trusted build dependencies

Post Mortem: axios NPM supply chain compromise

Claude Code source code accidentally leaked in NPM package

Claude Code full source code leaked on NPM

Claude Code's source code has been leaked via a map file in their NPM registry

Axios compromised on NPM – Malicious versions drop remote access trojan

Qite.js – Frontend framework for people who hate React and love HTML

GlassWorm malware hits 400+ code repos on GitHub, npm, VSCode, OpenVSX

NPM install is stealing your passwords – I built a tool to catch it

NPMX – a fast, modern browser for the NPM registry