Automated Supply Chain Attack That Poisoned 20 npm Packages in 3 Seconds
Miasma campaign poisons 20-plus npm packages, hunts for developer secrets
The New Standard for NPM Package Discovery: Deep Dive into LibPilot
From Code to npm: Vue 3 Component Library Publishing Guide
npm Supply Chain RAT: PostCSS Impersonation & Dependency Confusion
One npm Account Publishes 964 Million Downloads Per Week. None Have Provenance.
Detecting RCE Backdoors That Use the npm prepare Script and VPS Sandbox Defense
IronWorm Commits as 'claude.' It Steals Your Anthropic and OpenAI Keys.
Upcoming breaking changes for NPM v12
I Researched the Red Hat npm Incident — Here's What Every Developer Should Know
Case of 32 npm Packages and 95 Versions Poisoned Through a CI/CD Pipeline Compromise
Shai-Hulud malware worms Red Hat npm package versions downloaded 80K times a week
On the Shoulders of Giants: Package Registries, Node & NPM
Publishing a reusable React UI package as an npm module
npm Supply Chain Audit: The Checklist Most Teams Stop Too Early
Npm registry sets stage for more secure package publishing
Shai-Hulud keeps burrowing: 314 npm packages infected after another account compromise
What I learned introspecting 922 npm MCP servers
I Published My First npm Package: Here's Everything I Wish I Knew
I Published My First npm Package — Here's Everything I Wish I Knew
OpenAI caught in TanStack npm supply chain chaos after employee devices compromised