A supply-chain attack backdoored versions of Axios, a popular JavaScript library that's present in many different software ...

Security teams are grappling with a major supply chain attack on Axios, a popular JavaScript library with over 100 million ...

Standard, a JavaScript style guide, linter, and automatic code fixer, has implemented what appears to be the first advertising system for JavaScript libraries. The ads are powered by a new project ...

Attackers stole a long-lived npm token from the lead axios maintainer and published two poisoned versions that drop a ...

A monthly overview of things you need to know as an architect or aspiring architect. Unlock the full InfoQ experience by logging in! Stay updated with your favorite authors and topics, engage with ...

NPM developer qix's account compromise potentially puts user funds at risk by compromising library dependencies used by bitcoin wallets. A major NPM developer, qix, has had their account compromised.

JavaScript's standard library could eventually grow to reduce reliance on third-party packages -- but it'll happen slowly, says Eich A recent incident where software was removed from the NPM package ...

An update to a tiny JavaScript library has thrown a large part of the JavaScript ecosystem into chaos on Saturday, with millions of projects believed to have been impacted. Making the entire situation ...

Jailed uses native JavaScript functions to run other libraries in a sandboxed environment, which could be the route to safer plugins and better automated testing of code A recently revised JavaScript ...

Desire for digital skills seems to drive interest in Coding and Web Development 101, which has a waitlist almost twice as long as its capacity.