News

Major attack on node.js

A cryptocurrency thief got into the npm account of a hard-working developer via spearphishing. node.js packages with billions ...

Node.js + React Practical Development of Blockchain 'MOOC' DApp Designed Specifically for Frontend Engineers

Building a 'MOOC' DApp with Node.js and React In today's rapidly evolving technology landscape, frontend engineers are no longer limited to building traditional web applications. The rise of ...
Bitcoin Magazine2d

NPM Attack: Javascript Library Compromise Goes After Bitcoin Wallets

NPM developer qix's account compromise potentially puts user funds at risk by compromising library dependencies used by ...
CoinDesk2d

Ethereum, Solana Wallets Targeted in Massive 'npm' Attack But Just 5 Cents Taken

The credential stealer harvested username, password, and 2FA codes before sending them to a remote host. With full access, ...
Cybernews10d

The whole world depends on one overworked, underpaid developer, who might be from Moscow

A widely used Node.js utility called fast-glob is being maintained by a single Russian developer, prompting debate about the risks of solo maintainers and potential geopolitical influence.
InfoWorld9y

Node.js welcomes Microsoft’s Chakra JavaScript engine

Node has traditionally been focused on Google's V8 JavaScript engine, but adding ChakraCore support will allow developers to target more platforms Microsoft on Tuesday submitted a pull request to Node ...
Krebs on Security2d

18 Popular Code Packages Hacked, Rigged to Steal Crypto

At least 18 popular JavaScript code packages that are collectively downloaded more than two billion times each week were briefly compromised with malicious software today, after a developer involved ...

Massive npm hack poisons 18 packages with billions of downloads

Npm packages are reusable blocks of JavaScript code published to the Node Package Manager registry that developers can ...