News

Krebs on Security

18 Popular Code Packages Hacked, Rigged to Steal Crypto

At least 18 popular JavaScript code packages that are collectively downloaded more than two billion times each week were ...
InfoWorld

9 vital concepts of modern JavaScript

JavaScript is a sprawling and ever-changing behemoth, and may be the single-most connective piece of web technology. From AI ...

5 ways to spot software supply chain attacks and stop worms - before it's too late

A Dune-inspired worm recently hit CrowdStrike and npm, infecting hundreds of packages. Here's what happened - and how to protect your code.

JavaScript packages with billions of downloads were injected with malicious code in world's largest supply chain hack, geared to steal crypto — a phishing email is all it ...

JavaScript packages with billions of downloads were compromised by an unknown threat actor looking to steal cryptocurrency.
htxt

Vodacom has trained 10 000 girls to code

Vodacom’s Code Like A Girl Programme has reached 10 000 girls since it launched in 2017 with just 20 participants. The ...

Malware Injected Into Code Packages That Get 2 Billion+ Downloads Each Week

An attack targeting the Node.js ecosystem was just identified — but not before it compromised 18 npm packages that account ...
TMCnet

Span Launches Universal AI Code Detector to Help Technology Leaders Measure the Adoption and Impact of AI-assisted Coding

Today, boards and executives are increasingly demanding credible metrics to evaluate the ROI and quality implications of AI-assisted coding. However, CTOs and engineering leaders are flying blind, ...

The Buyer’s Guide to Browser Extension Management

Browser extensions boost productivity—but also open the door to hidden risks like data exfiltration and AitM attacks. Keep ...
CSO Online

When AI nukes your database: The dark side of vibe coding

As developers lean on Copilot and GhostWriter, experts warn of insecure defaults, hallucinated dependencies, and attacks that ...
Decrypt

Crypto Users Warned to Stop Transacting as Massive Exploit Threatens Apps and Wallets

Security experts are advising crypto users to be very careful as a large-scale supply chain exploit could be used to swipe funds.