DEV Community

npm

Node Package Manager

Posts

👋 Sign in for the ability to sort posts by relevant, latest, or top.
I built an npm malware scanner in Rust because npm audit isn't enough
poolcamacho profile

I built an npm malware scanner in Rust because npm audit isn't enough

#npm #security #rust #opensource
1
Comments 2
3 min read
MCP Connector Poisoning: How Compromised npm Packages Hijack Your AI Agent
toniantunovic profile

MCP Connector Poisoning: How Compromised npm Packages Hijack Your AI Agent

#security #npm #javascript #devops
Comments
5 min read
I built Material Symbols SVG, an icon library for using Material Symbols as SVG components
k-s-h-r profile

I built Material Symbols SVG, an icon library for using Material Symbols as SVG components

#react #npm #typescript #frontend
Comments
5 min read
npm Provenance and SLSA: The Supply Chain Hygiene Baseline Every Team Needs in 2026
toniantunovic profile

npm Provenance and SLSA: The Supply Chain Hygiene Baseline Every Team Needs in 2026

#security #npm #devops #javascript
Comments
5 min read
Axios got compromised. They attacked the human, not code.
dhg profile
DHg

Axios got compromised. They attacked the human, not code.

#npm #security #axios #opensource
3
Comments
4 min read
Why Your AI Coding Agent Keeps Recommending Dead Packages
the_bookmaster profile

Why Your AI Coding Agent Keeps Recommending Dead Packages

#agents #ai #npm #programming
Comments
2 min read
Malicious npm Packages Disguised as Strapi Plugins Enable Data Exfiltration and Remote Code Execution
kornilovconstru profile

Malicious npm Packages Disguised as Strapi Plugins Enable Data Exfiltration and Remote Code Execution

#npm #strapi #malware #exfiltration
Comments
7 min read
Supply Chain Security measures
0xkoji profile
0xkoji

Supply Chain Security measures

#security #npm #uv #githubactions
Comments
1 min read
I'm 12 and I built a 2KB 0 dependency alternative to CASL!
creeperkid2014 profile

I'm 12 and I built a 2KB 0 dependency alternative to CASL!

#showdev #npm #typescript #node
Comments
1 min read
The Axios/npm Incident & Why AI Won’t Replace Devs
cyberjanitor profile

The Axios/npm Incident & Why AI Won’t Replace Devs

#ai #javascript #npm #security
Comments
1 min read
I built an npm malware scanner and found 21 malicious packages in 24 hours
yurithecoder profile

I built an npm malware scanner and found 21 malicious packages in 24 hours

#security #npm #javascript #opensource
Comments 1
1 min read
How the axios@1.14.1 supply chain attack worked (and how to protect yourself)
bigjenkie profile

How the axios@1.14.1 supply chain attack worked (and how to protect yourself)

#javascript #opensource #security #npm
Comments
4 min read
What the Axios npm Compromise Means for MCP Server Maintainers
michael_onyekwere profile

What the Axios npm Compromise Means for MCP Server Maintainers

#security #mcp #npm #supplychain
Comments
4 min read
How to Finally (and Iteratively) Kill Every Last 'npm audit'
tonymet profile

How to Finally (and Iteratively) Kill Every Last 'npm audit'

#security #automation #npm #node
Comments
3 min read
The Axios Incident Was an Execution Failure. Here Is the Architecture That Prevents It.
skipmid profile

The Axios Incident Was an Execution Failure. Here Is the Architecture That Prevents It.

#npm #axios #openclaw #devsec
Comments
2 min read
👋 Sign in for the ability to sort posts by relevant, latest, or top.