Mastra npm packages added easy-day-js malware, exposing developer systems and CI runners to infostealer risks.
Red Hat hit by npm supply‑chain attack - here's how to stay safe ...
Microsoft says latest attack targets Leo Platform and RStreams packages, harvesting creds and going after more maintainers ...
Microsoft links the recent Mastra AI npm supply chain attack to , a North Korean group known for cryptocurrency theft ...
JFrog found malicious npm packages that deploy a Windows RAT to steal Chrome credentials, run commands, and transfer files.
Attackers increasingly are using malicious JavaScript packages to steal data, engage in cryptojacking and unleash botnets, offering a wide supply-chain attack surface for threat actors. More than ...
Over the holidays, the npm package registry was flooded with more than 3,000 packages, including one called "everything," and others named a variation of the word. The package is quite aptly named as ...
Moving one folder quadrupled my build speeds without touching a single config.
Some results have been hidden because they may be inaccessible to you
Show inaccessible results