News

Breach of npm threatens billions of weekly downloads in JavaScript ecosystem

Earlier this week, the Npm package manager suffered what may be its worst security incident to date. Unknown cybercriminals ...
Infosecurity Magazine

Shai-Hulud Worm Prowls npm to Steal Hundreds of Secrets

The bundle.js script is designed to steal npm, GitHub, AWS and GCP tokens. But it also installs TruffleHog – an open source ...

Massive NPM crypto hack drained only $50

Ledger CTO warns of shocking NPM attacks by crypto hackers; How to stay safe if you’re using MetaMask, Phantom, Trust or any ...

This 2FA phishing scam pwned a developer - and endangered billions of npm downloads

A new digital supply chain attack has targeted popular open-source npm packages with at least two billion downloads per week. On Sept. 8, Josh Junon, a package maintainer whose account was at the ...
moneycontrol.com

ICICI PRUDENTIAL PENSION FUND SCHEME E - TIER I

Advisory Alert: It has come to our attention that certain individuals are representing themselves as affiliates of Moneycontrol and soliciting funds on the false promise of assured returns on their ...
moneycontrol.com

SBI PENSION FUND SCHEME E - TIER I

Advisory Alert: It has come to our attention that certain individuals are representing themselves as affiliates of Moneycontrol and soliciting funds on the false promise of assured returns on their ...
GitHub

The recently published NPM version (21.7.0) contains malware?

I just saw an automated update PR created by Renovate in one of my repos containing update for nx to version 21.7.0. The latest version on NPM is indeed 21.7.0 and it was published ~11 minutes ago.
GitHub

HLS Video Streaming using Node.js and FFmpeg

This project demonstrates how to upload a video, convert it into HLS streaming segments using FFmpeg, and play the video using HLS.js. The project is built with Node ...