IT News For Australia Business

'Protestware' npm package dependency labelled supply-chain attack

Russia's invasion of Ukraine has spilt over into developer-space, with a well-known npm maintainer adding "protestware" as a dependency to a very popular package. Security vendor Snyk is tracking what ...
InfoWorld

Safety in Node.js: NodeSource to certify NPM modules

NodeSource’s Certified Modules service, intended to ensure the safety of NPM modules, becomes generally available on Thursday. Previously available only in a private beta stage, the service for ...
ZDNet

Corrupted open-source software enters the Russian battlefield

It started as an innocent protest. Npm, JavaScript's package manager maintainer RIAEvangelist, Brandon Nozaki Miller, wrote and published an open-code npm source-code package called peacenotwar. It ...
How-To Geek on MSN

Node 25.4.0 solves the import require mess and adds more features

Node.js 25.4.0, the newest Current branch release, is now available for download. This update focuses on transitioning many ...
Dark Reading

Supply Chain Attack Deploys Hundreds of Malicious NPM Modules to Steal Data

A routine scan of the NPM open source code repository in April turned up several packages using a JavaScript obfuscator to hide their true function. After further investigation, analysts with ...
CSOonline

Developer sabotages own npm module prompting open-source supply chain security questions

The node-ipc developer attempt to protest Russia's attack on Ukraine has the unintended consequence of casting more doubt in software supply chain integrity. The developer of a popular JavaScript ...
Cryptopolitan on MSN

Malicious Bitcoin npm packages spread NodeCordRAT malware before takedown

Researchers at Zscaler ThreatLabz have found three malicious Bitcoin npm packages that are meant to implant malware named ...
Ars Technica

Best nodejs REPL replacement module?

I've been slowly teaching myself nodejs and have gotten to the point where I've noticed some problems with the default REPL. Thing is, searching 'repl' on npmjs.com, returns 883 results. Googling for ...