A supply-chain attack backdoored versions of Axios, a popular JavaScript library that's present in many different software ...
Security teams are grappling with a major supply chain attack on Axios, a popular JavaScript library with over 100 million ...
Attackers stole a long-lived npm token from the lead axios maintainer and published two poisoned versions that drop a ...
With almost 175,000 npm projects listing the library as a dependency, the attack had a huge cascade effect and shows how ...
The widely used Axios HTTP client library, a JavaScript component used by developers, was recently hacked to distribute ...
NPM developer qix's account compromise potentially puts user funds at risk by compromising library dependencies used by bitcoin wallets. A major NPM developer, qix, has had their account compromised.
Standard, a JavaScript style guide, linter, and automatic code fixer, has implemented what appears to be the first advertising system for JavaScript libraries. The ads are powered by a new project ...
An update to a tiny JavaScript library has thrown a large part of the JavaScript ecosystem into chaos on Saturday, with millions of projects believed to have been impacted. Making the entire situation ...
JavaScript's standard library could eventually grow to reduce reliance on third-party packages -- but it'll happen slowly, says Eich A recent incident where software was removed from the NPM package ...
Jailed uses native JavaScript functions to run other libraries in a sandboxed environment, which could be the route to safer plugins and better automated testing of code A recently revised JavaScript ...
Some results have been hidden because they may be inaccessible to you
Show inaccessible results