Chainguard launches trusted collection of verified JavaScript libraries

Chainguard Libraries for JavaScript include builds that are malware-resistant and built from source on SLSA L2 infrastructure ...
TechSpot

Breach of npm threatens billions of weekly downloads in JavaScript ecosystem

What the Script: Supply chain attacks are traditionally designed to inflict maximum damage on structured organizations or companies. However, when such an attack compromises a supply chain that an ...
CoinTelegraph

Largest NPM attack in crypto history stole less than $50: SEAL

Hackers broke into the node package manager (NPM) account of a well-known software developer and added malware to popular JavaScript libraries, targeting crypto wallets. ”Picture this: you compromise ...
PC Gamer

Open-source Morrowind project just got an update 3 years in the making that might have me saying bye to the vanilla game for good—oh, and you can load Skyrim in it now

Having begun work on it sometime after the domestication of rice, the heroic mad lads over at OpenMW—the open-source engine reimplementation for The Elder Scrolls 3: Morrowind that lets you play it ...
GitHub

html-css-javascript-todo-app-vanilla-js

This is a simple and beginner-friendly To-Do List App built with just HTML, CSS, and JavaScript. It helps you manage daily tasks by allowing you to add, edit, delete, and mark them as completed. Part ...
Bleeping Computer

Malicious npm packages posing as utilities delete project directories

Two malicious packages have been discovered in the npm JavaScript package index, which masquerades as useful utilities but, in reality, are destructive data wipers that delete entire application ...
MPR News

Minnesota‘s Vanilla Bean Project rethinks sustainability of the popular flavor

Andy and Sara Kubiak aboard the Grain de Sail II on their most recent trip to Saint Malo, France in March 2025. NINA MOINI: A Lakeland-based company is working to make the vanilla bean trade more ...