Meta Astryx design system is back on GitHub Trending, with a JSON manifest CLI that gives AI coding agents a machine-readable ...
JFrog says six malicious npm packages used hidden install-time execution, JSONKeeper fetches, and sandbox checks to enable remote access.
Hackers are exploiting a recently disclosed critical vulnerability (CVE-2026-48558) in SimpleHelp to deploy Djinn Stealer, a previously undocumented cross-platform information stealer targeting ...
A view of the Meta building is seen during the World Economic Forum Annual Meeting 2026 in Davos Switzerland 2026/01/20 Laurent Hou/Getty Images Meta released Astryx to the public on Saturday under ...
Any development environment that installed or imported one of the 172 compromised npm or PyPI packages published since May 11 should be treated as potentially compromised. On affected developer ...
A supply chain attack was carried out against TanStack, a set of libraries widely used in JavaScript and React development, by releasing malware-infused versions of its npm packages. According to ...
Picture this scenario: An Anthropic Skill scanner runs a full analysis of a Skill pulled from ClawHub or skills.sh. Its markdown instructions are clean, and no prompt injection is detected. No shell ...
On March 31, 2026, two new npm packages for updated versions of Axios, a popular HTTP client for JavaScript that simplifies making HTTP requests to a REST endpoint with over 70 million weekly ...
The North Korean threat actors behind the Contagious Interview campaign, also tracked as WaterPlum, have been attributed to a malware family tracked as StoatWaffle that's distributed via malicious ...
Nitro.js is a JavaScript-based HTTP server. It builds on state-of-the-art components, focusing on performance, convention, and deployment. As a JavaScript developer, you want to know about Nitro ...
Three popular npm packages, @rspack/core, @rspack/cli, and Vant, were compromised through stolen npm account tokens, allowing threat actors to publish malicious versions that installed cryptominers.
Some results have been hidden because they may be inaccessible to you
Show inaccessible results