Threat actors compromised AsyncAPI packages and weaponized trusted CI/CD workflows to distribute malware through npm. This ...
Web apps love exporting CSV files, but they don't always play nice with Excel. Leading zeros disappear, dates break, and text fields merge together. Most people waste time fixing these problems ...
North Korean threat actors are escalating the PolinRider supply chain attack across Go, Packagist, and npm package ...
JFrog says six malicious npm packages used hidden install-time execution, JSONKeeper fetches, and sandbox checks to enable remote access.
Some results have been hidden because they may be inaccessible to you
Show inaccessible results