Shai-Hulud is the worst-ever npm JavaScript attack. This software supply chain worm attack is still ongoing. Here are some ways you can prevent such attacks. For those of you who aren't Dune fans, ...

NPM developer qix's account compromise potentially puts user funds at risk by compromising library dependencies used by bitcoin wallets. A major NPM developer, qix, has had their account compromised.

Two malicious packages have been discovered in the npm JavaScript package index, which masquerades as useful utilities but, in reality, are destructive data wipers that delete entire application ...

deno 2.2.2 (stable, release, x86_64-unknown-linux-gnu) v8 13.4.114.9-rusty typescript 5.7.3 ... "imports": { "openai": "npm:openai@^4.86.1" } ... deno run --env-file ...

The Brazilian government has raised the import duty on solar modules from 9.6% to 25% this week. According to the Brazilian PV association ABSolar, this measure could undermine the country’s energy ...

Brazil had already raised its import tax rate on solar modules to 9.6% on 1 January 2024. Image: Unsplash. The Brazilian government has raised the import tax rate on solar modules from 9.6% to 25%.

An ongoing attack is uploading hundreds of malicious packages to the open source node package manager (NPM) repository in an attempt to infect the devices of developers who rely on code libraries ...

I encountered an issue when upgrading from Deno 1.45.2 to 1.45.3. The following code throws an error in version 1.45.3, while it worked perfectly in 1.45.2. Rolling ...

As the United States reassesses its shrinking manufacturing base relative to China’s expanding influence and considers the global geopolitical landscape, solar panel import tariffs continue to play a ...

An ongoing social engineering campaign is targeting software developers with bogus npm packages under the guise of a job interview to trick them into downloading a Python backdoor. Cybersecurity firm ...