Ars Technica

NPM flooded with malicious packages downloaded more than 86,000 times

Attackers are exploiting a major weakness that has allowed them access to the NPM code repository with more than 100 credential-stealing packages since August, mostly without detection. The finding, ...
TheServerSide

The secret history behind the success of npm and Node

Community driven content discussing all aspects of software development from DevOps to design patterns. When JavaScript was first introduced, it was a programming toy that sort of worked, but worked ...