News

Massive npm hack poisons 18 packages with billions of downloads

Npm packages are reusable blocks of JavaScript code published to the Node Package Manager registry that developers can ...
CSOonline4y

How to block malicious JavaScript files in Windows environments

Attackers frequently send malicious JavaScript files through bogus emails. It's easy to block these files from reaching a hapless user. Here's how. There have been several recent reports of fake ...
Android Police8y

Gmail won't allow JavaScript file attachments starting February 13

Malicious emails often attach various forms of executable programs and trick users into running them. These include standard Windows executables (.exe), batch files (.bat), and even JavaScript files ( ...
Bleeping Computer3y

BIG sabotage: Famous npm package deletes files to protest Ukraine war

This month, the developer behind the popular npm package 'node-ipc' released sabotaged versions of the library in protest of the ongoing Russo-Ukrainian War. Newer versions of the 'node-ipc' package ...