CSO Online

PhantomRaven returns to npm with 88 bad packages

Researchers at Endor Labs uncovered 88 new packages tied to new waves of the campaign, which uses remote dynamic dependencies to deliver credential-stealing malware.
Business Wire

npm, Inc. Releases npm@6 Package Manager with Powerful, Built-In Security Protections

OAKLAND, Calif.--(BUSINESS WIRE)--npm, Inc., which runs the world’s largest software registry and maintains the `npm` software package management application, today announced npm@6, a major update to ...