News
NPM has removed multiple packages hosted on its repository this week that established connection to remote servers and exfiltrated user data. These 4 packages had collected over 1,000 total ...
According to advisories from the npm security team, the three JavaScript libraries opened shells on the computers of developers who imported the packages into their projects.
Some results have been hidden because they may be inaccessible to you
Show inaccessible results
Feedback