Six Proto6 flaws in protobuf.js enable RCE and DoS attacks; patched in versions 7.5.6 and 8.0.2 to protect Node.js services.
Multiple npm supply chain attacks used 50+ poisoned packages to spread IronWorm, a Rust-based stealer, and a Miasma worm ...
Miasma compromised 32 Red Hat packages June 1 via a hijacked CI/CD pipeline producing valid SLSA attestations, then hit 57 more June 3 using Phantom Gyp to evade install monitors. Red Hat confirmed no ...
A federal judge found Streamate violated state wage laws by misclassifying performers and withholding a portion of their tips ...
Hackers compromised 19 packages on the PyPI, collectively downloaded hundreds of thousands of times, in a new Shai-Hulud ...
Summer makes herself ill.
Over 100 NPM and PyPI packages were injected with malicious code in the Miasma and Hades Shai-Hulud supply chain attack ...
CVE Lite CLI helps developers quickly identify and fix vulnerable npm dependencies during development, reducing delays and ...
Jennifer Simonson is a business journalist with a decade of experience covering entrepreneurship and small business. Drawing on her background as a founder of multiple startups, she writes for Forbes ...
On May 29, 2026, the U.S. District Court for the District of New Jersey found that while a certified class of performers on an adult ...
Some results have been hidden because they may be inaccessible to you
Show inaccessible results