CSOonline

Developer sabotages own npm module prompting open-source supply chain security questions

The node-ipc developer attempt to protest Russia's attack on Ukraine has the unintended consequence of casting more doubt in software supply chain integrity. The developer of a popular JavaScript ...
ZDNet

Disgruntled developer breaks thousands of JavaScript, Node.js apps

Thousands of applications were broken on Tuesday after a programmer unpublished a critical module in npm, a package manager for widely-used JavaScript projects. Countless projects were left in limbo ...
Business Insider

One programmer almost broke the internet by deleting 11 lines of code

This week, one programmer broke a whole mess of the software the internet runs on by deleting one simple program consisting of 11 lines of code. Everything is OK now. But it's a strange case that ...
Bleeping Computer

NPM supply-chain attack impacts hundreds of websites and apps

An NPM supply-chain attack dating back to December 2021 used dozens of malicious NPM modules containing obfuscated Javascript code to compromise hundreds of downstream desktop apps and websites. As ...
Bleeping Computer

Compromised JavaScript Package Caught Stealing npm Credentials

A hacker has gained access to a developer's npm account and injected malicious code into a popular JavaScript library, code that was designed to steal the npm credentials of users who utilize the ...