All news

npm security

(2 articles)
N. Korean Hackers Drop 1,700 Malicious Packages

April 8, 2026

N. Korean Hackers Drop 1,700 Malicious Packages

North Korean hackers spread 1,700 malicious packages across npm, PyPI, Go, and Rust registries. Here's what developers need to check right now.

Axios Supply Chain Attack Pushes Cross-Platform RAT via Compromised npm Account

March 31, 2026

Axios Supply Chain Attack Pushes Cross-Platform RAT via Compromised npm Account

A compromised npm account pushed a cross-platform RAT through the Axios package. Here's what happened and how developers can protect their supply chain.