Techzine Europe

Invisible malware spread via VS Code extensions

The leak has now been fixed. According to the Open VSX team, the incident has been fully contained and closed since October ...
InfoWorld

Malicious npm packages contain Vidar infostealer

Researchers say the malware was in the repository for two weeks, advise precautions to defend against malicious packages.
SecurityWeek

Critical Flaw in Popular React Native NPM Package Exposes Developers to Attacks

Software supply chain security firm JFrog has disclosed the details of a critical vulnerability affecting a popular React ...