How has JavaScript and web development changed in 2023? Learn about the top 10 updates to Next.js, React, Angular, Vue, and Node.js.

GitHub has unveiled a comprehensive plan to improve npm (Node Package Manager) security. The measures are a direct response to the major npm attack in mid-September, in which self-replicating malware ...

A Dune-inspired worm recently hit CrowdStrike and npm, infecting hundreds of packages. Here's what happened - and how to protect your code.

Halud, is compromising hundreds of NPM packages, spreading self-replicating malware, exfiltrating data, and turning private ...

So far, according to recent court filings, the DOJ has already terminated monitorships for three firms that agreed to them ...

A new supply chain attack on npm, the node package manager, has injected the first malware with self-replicating worm ...

"Each published package becomes a new distribution vector: as soon as someone installs it, the worm executes, replicates, and ...

The novel malware strain is being dubbed Shai-Hulud — after the name for the giant sandworms in Frank Herbert’s Dune novel ...

Qix is an open source maintainer account that was compromised by a phishing attack. This allowed attackers to infect 18 popular npm packages with malicious code. Together, these packages are ...

An attack targeting the Node.js ecosystem was just identified — but not before it compromised 18 npm packages that account ...

Charles Guillemet, CTO at the crypto wallet platform Ledger, warned the crypto community to be cautious while executing ...

JavaScript’s low bar to entry has resulted in one of the richest programming language ecosystems in the world. This month’s report celebrates the bounty, while also highlighting a recent example of ...