Everything there is to find on tag: npm.
Aikido Endpoint offers developers additional protection against supply chain attacks
Aikido Security is launching Aikido Endpoint, a lightweight agent designed to protect developers’ endpoints...
Tag: npm
Timeline
Axios supply chain attack victim posts postmortem to prevent a repeat
Another supply chain security threat emerged this week with the compromise of Axios. It is a popular JavaScri...
North Korea behind social engineering attack on Axios project
The maintainer of the popular npm package Axios has revealed how attackers were able to take over his account...
Axios npm package compromised, posing a new supply chain threat
Two versions of the widely used JavaScript library axios were maliciously published on npm on March 31, 2026....
New npm browser npmx addresses shortcomings of npmjs
An initiative within the JavaScript community is attempting to offer an alternative to the way developers vie...
AI hallucinates in 28 percent of dependency upgrades
AI that recommends dependency upgrades without checking actual sources creates a dangerous situation. New res...
Microsoft gives guidance on Shai-Hulud 2.0 supply chain attack
The return of the Shai-Hulud supply chain attack was dubbed 'The Second Coming' shortly after the first warni...
Shai-Hulud 2.0’s impact appears vast as NPM ecosystem struggles to cope
The NPM ecosystem is once again facing a serious supply chain attack. While the previous Shai-Hulud infection...
NPM hit again by Shai-Hulud worm attack
A large-scale cyberattack has once again hit the NPM ecosystem. Following the first Shai-Hulud worm in Septem...
Supply chain hack affects billions of npm downloads
On September 8, several popular npm packages were compromised after a successful phishing attack on a maintai...