News
Latest
Top
Search
Submit
Login
Search
▲
1038
Shai-Hulud Returns: Over 300 NPM Packages Infected
(helixguard.ai)
by mrdosija |
view
|
775 comments
▲
420
GitLab discovers widespread NPM supply chain attack
(about.gitlab.com)
by OuterVale |
view
|
258 comments
▲
90
Show HN: Safe-NPM – only install packages that are +90 days old
(github.com)
by kevinslin |
view
|
64 comments
▲
38
Posthog NPM packages are compromised
(twitter.com)
by h1fra |
view
|
1 comments
▲
16
Safe Chain: Stopping Malicious NPM Packages Before They Wreck Your Project
(aikido.dev)
by nailer |
view
|
2 comments
▲
11
Show HN: MCP Traffic Analyze with NPM
(npmjs.com)
by o4isec |
view
|
0 comments
▲
11
Malware in PostHog NPM packages
by roskoalexey |
view
|
9 comments
▲
10
The GitHub Infrastructure Powering North Korea's Contagious Interview NPM Attack
(socket.dev)
by giuliomagnifico |
view
|
1 comments
▲
8
Building an NPM Worm (2016)
(contolini.com)
by christophetd |
view
|
0 comments
▲
8
Moving Beyond the NPM Elliptic Package
(soatok.blog)
by woodruffw |
view
|
1 comments
▲
7
Crims Poison 150K+ NPM Packages with Token-Farming Malware
(theregister.com)
by jruohonen |
view
|
1 comments
▲
6
Show HN: Auto-Unpublish NPM Packages Published Outside CI
(github.com)
by ethanblackburn |
view
|
2 comments
▲
5
Hackers Use Npmscan.com to Hack Web Apps (Next.js, Nuxt.js, React, Bun)
(audits.blockhacks.io)
by block_hacks |
view
|
1 comments
▲
5
Malicious Bun Script Found in NPM Package Bumps
by kothariji |
view
|
1 comments
▲
4
The Shai-Hulud 2.0 npm worm: analysis, and what you need to know
(securitylabs.datadoghq.com)
by saikatsg |
view
|
2 comments
▲
4
SHA1-Hulud – The Second Coming: Over 1k NPM Packages Compromised
(koi.ai)
by amitassaraf |
view
|
1 comments
▲
3
Releasing Packages with a Valet Key: NPM, PyPI, and Beyond
(byk.im)
by coloneltcb |
view
|
0 comments
▲
3
SHA1-Hulud, NPM supply chain incident
(snyk.io)
by tsenturk |
view
|
0 comments
▲
3
Shai-Hulud Strikes Again, Again. (NPM Supply Chain Attack)
(socket.dev)
by pvtmert |
view
|
1 comments
▲
3
NPM install Vite is broken
(github.com)
by nvader |
view
|
0 comments
▲
3
StackTCO – find the right NPM packages for your framework
(stacktco.com)
by matwiemann |
view
|
0 comments
▲
3
Show HN: [npm] Recreation of YouTube's "ambient glow" effect
(npmjs.com)
by JSXJedi |
view
|
1 comments
▲
2
Show HN: MCP for finding the better NPM dependencies
(web-production-0200a.up.railway.app)
by jsafaiyeh |
view
|
0 comments
▲
2
The GitHub Infrastructure Powering North Korea's Contagious Interview NPM
(socket.dev)
by feross |
view
|
0 comments
▲
2
Big attack on NPM – Shai-Hulud 2.0
(about.gitlab.com)
by thomasfl |
view
|
3 comments
▲
2
GitLab discovers widespread NPM supply chain attack
(about.gitlab.com)
by soheilpro |
view
|
1 comments
▲
2
Shai-Hulud malware infects 500 NPM packages, leaks secrets on GitHub
(bleepingcomputer.com)
by speckx |
view
|
1 comments
▲
2
Moving Beyond the NPM Elliptic Package
(soatok.blog)
by zdw |
view
|
0 comments
▲
2
Automated NPM secret rotation in GitHub Actions
(michaelheap.com)
by mooreds |
view
|
0 comments
▲
2
Analyzing a NPM Spam Campaign: The Great Indonesian Tea Theft
(endorlabs.com)
by ChrisArchitect |
view
|
0 comments
▲
2
Next.js 16's Turbopack breaks NPM link
(steveharrison.dev)
by steveharrison |
view
|
0 comments
▲
1
NPM Package with 56K Downloads Caught Stealing WhatsApp Messages
(koi.ai)
by sohkamyung |
view
|
0 comments
▲
1
Show HN: NPM package size visualizer using React as the unit of measurement
(howmanyreacts.com)
by Sajarin |
view
|
0 comments
▲
1
npm registry down
by arbol |
view
|
1 comments
▲
1
New Elf-Stats Malware Campaign on NPM
(npmjs.com)
by eyberg |
view
|
0 comments
▲
1
How to Defend Against NPM Software Supply Chain Attacks
(endorlabs.com)
by danielhaven |
view
|
0 comments
▲
1
Show HN: HALUD YOUR HORSES – a container system to resist Shai-Hulud NPM attacks
(github.com)
by neechoop |
view
|
7 comments
▲
1
A secure and efficient Node/NPM in Docker setup for front end development
(ryansouthgate.com)
by nateb2022 |
view
|
0 comments
▲
1
eazypm, npm package to reinstall project dep. with malware scanner (safe-chain)
(npmjs.com)
by nycalexander |
view
|
1 comments
▲
1
PR CheckMate – automate lint, formatting, deps and NPM audit
(npmjs.com)
by def-to-explore |
view
|
1 comments
▲
1
OreNPMGuard v2.0.0 – OSS for Shai-Hulud 2.0 NPM supply chain attack
by ahsansmir |
view
|
0 comments
▲
1
Ask HN: NPM docs re. changes to auth, token management are a mess, what to do?
by DemocracyFTW2 |
view
|
2 comments
▲
1
Ask HN: Securing Pip and NPM package use?
by giantg2 |
view
|
1 comments
▲
1
Amazon finds 150K NPM packages linked to token-farming campaign
(scworld.com)
by Bender |
view
|
0 comments
▲
1
Another Round of Tea Protocol Spam Floods NPM, but It's Not a Worm
(socket.dev)
by feross |
view
|
0 comments
▲
1
Fake packages flood NPM registry in major attack – here's what we know
(techradar.com)
by alsetmusic |
view
|
1 comments
▲
1
NPM-GitNameCheck
(firexcore.com)
by FireXCore |
view
|
0 comments
▲
1
Building a more secure NPM ecosystem with Mend Renovate
(mend.io)
by jamietanna |
view
|
0 comments
▲
1
Show HN: I created an NPM package to AI sync my translations in seconds
(npmjs.com)
by cvicpp123 |
view
|
2 comments
▲
1
Recreating YouTube's Ambient Glow Effect as an NPM Package (Demo Inside)
(npmjs.com)
by JSXJedi |
view
|
0 comments
News
News