Shedding light on mysterious 9000.0.x versions of PrismJS that had left everyone puzzled in 2015, and weren't removed until 2019.
A gray hat hacker has published over 7,000 dependency confusion packages to npm and PyPI repositories, and continues to post…
NodeJS has released fixes for CVE-2020-8277, a DoS vulnerability that could be triggered via DNS requests.
Newly discovered Discord malware "CursedGrabber" has possible links to Russia and Ukraine. It was found infiltrating the npm open source…
Multiple NodeJS packages laden with malicious code have been spotted on npm registry. These "typosquatting" packages served no purpose other…
This website uses cookies.