heise online

Malicious npm packages: SAP software compromised

Several SAP npm packages were exposed to a supply chain attack. The hacker group TeamPCP is behind it, say security researchers. The compromised packages each contain a modified package.json with the ...
InfoWorld

Inside NPM: Building and sharing JavaScript packages

The Node Package Manager, NPM, has become a powerful and important tool, supporting many different JavaScript frameworks — including JQuery, AngularJS, and React JS. If you’re building JavaScript ...
Ars Technica

NPM flooded with malicious packages downloaded more than 86,000 times

Attackers are exploiting a major weakness that has allowed them access to the NPM code repository with more than 100 credential-stealing packages since August, mostly without detection. The finding, ...