InfoWorld

WhiteSource report warns of NPM registry risks

The popular NPM registry of JavaScript packages was described as a playground for malicious actors by software scanning services provider WhiteSource Software, which has published a report of its ...
CSOonline

Prettier-ESLint npm packages hijacked in a sophisticated supply chain attack

Popular configuration packages for integrating Prettier with ESLint, the widely used code formatting tools within JavaScript and TypeScript projects, were hijacked after a maintainer fell victim to a ...