Code maintenance, bug fixes, integration, testing, documentation — this was what made the global giants. But these functions ...

Qix is an open source maintainer account that was compromised by a phishing attack. This allowed attackers to infect 18 popular npm packages with malicious code. Together, these packages are ...

Honeycomb, the creators of observability, today announced the launch of Honeycomb Intelligence, an AI-native observability suite optimized for developers. The new AI-powered products accelerate ...

Ready to go beyond console.log? In just 100 seconds, discover powerful JavaScript console features that can boost your debugging game—like console.table, console.group, console.time, and more. Whether ...

An attack targeting the Node.js ecosystem was just identified — but not before it compromised 18 npm packages that account ...

Billions (No, that's not a typo, Billions with a capital B) of files were potentially compromised. If you thought Node Package Manager (npm), the Billions of downloads were potentially compromised ...

A Chinese APT group compromised a Philippine military company using a new, fileless malware framework called EggStreme. This ...

Threat actors injected malicious code into multiple popular NPM packages after their maintainers fell for a well-crafted ...

Hackers launched the largest NPM crypto attack in history and compromised 18 JavaScript packages with billions of downloads.

On September 8, 2025, a single phishing email triggered one of npm’s most damaging supply chain attacks, compromising 18 ...

The credential stealer harvested username, password, and 2FA codes before sending them to a remote host. With full access, ...

Malware hidden in widely used libraries like chalk and debug hijacked crypto transactions via browser APIs, exposing deep ...