FinanceFeeds

Shai Hulud Malware Hits 400+ JavaScript Packages in Major NPM Supply-Chain Attack

Charlie Eriksen, a researcher at Aikido, identified the infected libraries and confirmed each detection manually to minimize ...

Popular JavaScript library can be hacked allowing access to user accounts

Node-forge cryptography library flaw (CVE-2025-12816) allowed bypass of signature and certificate validation CERT-CC warns of ...
GitHub

CommonJS module exports not accessible using ESM import syntax

What is the expected behavior? Why is that the expected behavior? Should not print undefined as Client module exists in raknet-native. Below is the index.js file of raknet package found within ...
The Hacker News

Shai-Hulud v2 Spreads From npm to Maven, as Campaign Exposes Thousands of Secrets

"As a new and significantly more aggressive wave of npm supply chain malware, Shai-Hulud 2 combines stealthy execution, ...
The Hacker News

Seven npm Packages Use Adspect Cloaking to Trick Victims Into Crypto Scam Pages

Cybersecurity researchers have discovered a set of seven npm packages published by a single threat actor that leverages a cloaking service called Adspect to differentiate between real victims and ...

New NPM supply-chain attack compromises major ENS and crypto libraries

A major JavaScript supply-chain attack has compromised hundreds of software packages — including at least 10 used widely ...
GitHub

purush123cs/typescript-util-npm-module

A modular collection of useful TypeScript utility functions for common programming tasks. Each utility category is organized in separate files for better maintainability and tree-shaking optimization.