The Hacker News

Self-Replicating Worm Hits 180+ npm Packages to Steal Credentials in Latest Supply Chain Attack

"Each published package becomes a new distribution vector: as soon as someone installs it, the worm executes, replicates, and ...
Cybernews

Hundreds of NPM packages compromised as ongoing supply chain attack snowballs out of control

Halud, is compromising hundreds of NPM packages, spreading self-replicating malware, exfiltrating data, and turning private ...
InfoWorld

Filter JavaScript objects the easy way with Arquero

Use popular 'grammar of data' syntax to filter and subset your two-dimensional JavaScript arrays and more. Here's how to use Arquero for data wrangling in Observable JavaScript and Node.js. There are ...
Search Engine Land

WalkerOS: A data collection alternative to gtag.js

Google’s popular gtag.js library makes collecting data for Google Analytics 4 and Google Ads straightforward. However, it also ties you into Google’s ecosystem. You lose control and flexibility when ...
Cryptopolitan on MSN

Is Binance’s customer data, assets at risk after major supply chain attack?

Binance reassures customers after a massive NPM supply chain attack injects malicious code into 18 popular JavaScript ...
heise online

JavaScript: UI component kit Wijmo brings support for Angular 19

The Japanese software provider Mescius (formerly GrapeCity) has announced the first major release of Wijmo this year. It can handle the new versions Angular 19 and Next.js 15 and comes with updates ...