The risk in the JavaScript ecosystem isn't theoretical: earlier this month, a number of packages used by millions of developers were compromised via malicious code. These malware attacks against ...
Chainguard, the trusted source for open source, today announced it has expanded Chainguard Libraries coverage across Python, Java, and JavaScript, with customers seeing 94% coverage across the Python ...
A developer-targeting campaign leveraged malicious Next.js repositories to trigger a covert RCE-to-C2 chain through standard ...
The breach hit core JavaScript libraries such as chalk and strip-ansi, downloaded billions of times each week, raising alarms over the security of open-source software. Hackers have compromised widely ...
The open source tool Prettier has reached version 3.5. The code formatter for JavaScript, TypeScript, JSX and more comes with one experimental and one stable feature for JavaScript and can now ...
Pervasive, evasive malware thought to have been eliminated has wormed its way back into development environments. Just a little over two weeks after GlassWorm was declared “fully contained and closed” ...