Bleeping Computer

Dev corrupts NPM libs 'colors' and 'faker' breaking thousands of apps

Users of popular open-source libraries 'colors' and 'faker' were left stunned after they saw their applications, using these libraries, printing gibberish data and breaking. Some surmised if the NPM ...
Hosted on MSN

Dev snared in crypto phishing net, 18 npm packages compromised

Crims have added backdoors to at least 18 npm packages after developer Josh Junon inadvertently authorized a reset of the two-factor authentication protecting his npm account.… The malware targets ...
ZDNet

Hacking 20 high-profile dev accounts could compromise half of the npm ecosystem

The npm ecosystem of JavaScript libraries is more interwoven than most developers think, and the entire thing is a gigantic house of cards, being one bad hack away from compromising hundreds of ...
CSOonline

Hackers drop 60 npm bombs in less than two weeks to recon dev machines

Threat actors have likely made off with sensitive host and network information from developers’ systems in a coordinated malware campaign, involving 60 malicious npm packages, that were live for just ...