资讯

Massive npm hack poisons 18 packages with billions of downloads

Npm packages are reusable blocks of JavaScript code published to the Node Package Manager registry that developers can ...

Ledger CTO Warns of Serious NPM Hack That Can Hijack Crypto Transactions

A serious security scare has hit the open-source software world, and it’s got big implications for crypto. Ledger’s chief ...
ZDNet4 年

Malicious npm packages caught installing remote access trojans

The security team behind the "npm" repository for JavaScript libraries removed two npm packages this Monday for containing malicious code that installed a remote access trojan (RAT) on the ...
Bleeping Computer4 年

Malicious NPM packages used to install njRAT remote access trojan

New malicious NPM packages have been discovered that install the njRAT remote access trojan that allows hackers to gain control over a computer.
InfoWorld2 年

GitHub bolsters NPM access control - InfoWorld

Looking to improve the safety and security of NPM JavaScript packages, GitHub is adding granular access tokens to enable fine-grained permissions for NPM accounts, and making its NPM code explorer ...