Bleeping Computer

NPM Fails Worldwide With "ERR! 418 I'm a Teapot" Error

Users of the NPM JavaScript package manager were greeted by a weird error yesterday evening, as their consoles and applications spewed a message of "ERR! 418 I'm a ...
The Hacker News

Critical AdonisJS Bodyparser Flaw (CVSS 9.2) Enables Arbitrary File Write on Servers

A critical CVSS 9.2 flaw in AdonisJS bodyparser lets attackers write arbitrary files via path traversal when uploads are ...
InfoQ

Manifest Confusion Paves the Way to New npm Supply Chain Threats

A monthly overview of things you need to know as an architect or aspiring architect. Unlock the full InfoQ experience by logging in! Stay updated with your favorite authors and topics, engage with ...
TheServerSide

GitHub's NPM acquisition sparks Microsoft-related worries

GitHub's acquisition this week of NPM Inc., a prominent player in the JavaScript ecosystem, has sparked both worry and welcome from users of the ubiquitous programming language. The company hosts Node ...
InfoWorld

Node.js tutorial: Get started with Node

Node.js is a popular and versatile cross-platform JavaScript runtime environment. Node was the first runtime to allow developers to run JavaScript outside the browser, opening a new world of ...
CSOonline

Malicious packages in npm evade dependency detection through invisible URL links: Report

Threat actors are finding new ways to insert invisible code or links into open source code to evade detection of software supply chain attacks. The latest example was found by researchers at ...