51CTO

Node.js 生态遭遇史上最大规模攻击,速查!

这起事件再次敲响警钟:开源生态的便利背后,供应链安全始终是潜在的“软肋”。前端开发者或许不是黑客的直接目标,但却可能在不知不觉中成为受害者。 9 月 8 日,Node.js 生态链遭遇前所未有的冲击。资深 npm 维护者 Qix(Josh Junon) 因一封钓鱼邮件泄露了 ...
CoinTelegraph

Polygon says blocks still running despite consensus bug disruption

Update (Sept. 10, 10:35 am UTC): This article has been updated with information throughout. Update (Sept. 10, 11:50 am UTC): This article has been updated to add comments from a Polygon representative ...
heise online

Major attack on node.js

A major attack on the supply chain for software packages for the widely used JavaScript runtime environment node.js was discovered on Monday. The attacker has injected obfuscated malicious code into ...
The Hacker News

Malicious npm Package nodejs-smtp Mimics Nodemailer, Targets Atomic and Exodus Wallets

Cybersecurity researchers have discovered a malicious npm package that comes with stealthy features to inject malicious code into desktop apps for cryptocurrency wallets like Atomic and Exodus on ...
theregister

Putin on the code: DoD reportedly relies on utility written by Russia-based Yandex dev

US cybersecurity firm Hunted Labs reported the revelations on Wednesday. The utility in question is fast-glob, which is used to find files and folders that match specific patterns. Its maintainer goes ...
The Hacker News

Anthropic Disrupts AI-Powered Cyberattacks Automating Theft and Extortion Across Critical ...

Anthropic on Wednesday revealed that it disrupted a sophisticated operation that weaponized its artificial intelligence (AI)-powered chatbot Claude to conduct large-scale theft and extortion of ...
protos

Three sneaky changes in Bitcoin Core v30 are confusing node operators

A vocal community of node operators who prefer traditional limits on the amount of arbitrary data that can accompany a bitcoin (BTC) transaction is infuriated with an upcoming software release for at ...
Developer Tech

Node.js 24: A faster, sleeker JavaScript experience

Node.js 24 has officially arrived, and it’s bringing a rather tasty selection of improvements to the table. If you’re a developer knee-deep in web apps or wrestling with asynchronous code, this ...
SecurityWeek

Microsoft Warns of Node.js Abuse for Malware Delivery

Microsoft on Tuesday issued a warning over the increasing use of Node.js for the delivery of malware and other malicious payloads. The tech giant has been seeing such attacks aimed at its customers ...
Microsoft

Threat actors misuse Node.js to deliver malware and other malicious payloads

Since October 2024, Microsoft Defender Experts (DEX) has observed and helped multiple customers address campaigns leveraging Node.js to deliver malware and other payloads that ultimately lead to ...
ascopubs.org

Sentinel Lymph Node Biopsy in Early-Stage Breast Cancer: ASCO Guideline Update

ASCO Guidelines provide recommendations with comprehensive review and analyses of the relevant literature for each recommendation, following the guideline development process as outlined in the ASCO ...