Skip to main content
Scour
Discover
Docs
Login
Sign Up
You are offline. Trying to reconnect...
Copied to clipboard
Unable to share or copy to clipboard
Back to article
Unit 42
8w
8 weeks ago
The npm Threat Landscape: Attack Surface and Mitigations
(opens in new tab)
Covered by
8 sources
See all sources covering this story
including
Andrew Nesbitt
,
DEV Community
Love
Like
Not for me
Save
|
|
Report
Off Topic
Harmful Content
Low Quality
Spam
Misleading
Duplicate
Wrong Language
Block
See related topics
Feeds
Share
Report
Off Topic
Harmful Content
Low Quality
Spam
Misleading
Duplicate
Wrong Language
Block Domain
Covered in 8 articles
Andrew Nesbitt
·
4w
4 weeks ago
Signing Is for the Bad Days
Discussed on
Hacker News
and
Hacker News
Love
Like
Not for me
Save
See related topics
Feeds
Share
Report
Off Topic
Harmful Content
Low Quality
Spam
Misleading
Duplicate
Wrong Language
Block Domain
Actions for Signing Is for the Bad Days
DEV Community
·
4w
4 weeks ago
Supply Chain Attacks + Stale Credentials: Why This Combination Is So Dangerous in 2026
Discussed on
DEV
Love
Like
Not for me
Save
See related topics
Feeds
Share
Report
Off Topic
Harmful Content
Low Quality
Spam
Misleading
Duplicate
Wrong Language
Block Domain
Actions for Supply Chain Attacks + Stale Credentials: Why This Combination Is So Dangerous in 2026
Digital Forensics Magazine
·
3w
3 weeks ago
NEWS ROUNDUP – 3rd June 2026
Love
Like
Not for me
Save
See related topics
Feeds
Share
Report
Off Topic
Harmful Content
Low Quality
Spam
Misleading
Duplicate
Wrong Language
Block Domain
Actions for NEWS ROUNDUP – 3rd June 2026
Tenable Blog
·
1d
1 day ago
What the Miasma campaign reveals about the new supply chain threat model and the underground market for developer credentials
Love
Like
Not for me
Save
See related topics
Feeds
Share
Report
Off Topic
Harmful Content
Low Quality
Spam
Misleading
Duplicate
Wrong Language
Block Domain
Actions for What the Miasma campaign reveals about the new supply chain threat model and the underground market for developer credentials
therecord.media
·
3w
3 weeks ago
Red Hat removes tainted packages after software pipeline compromise
Discussed on
Hacker News
Love
Like
Not for me
Save
See related topics
Feeds
Share
Report
Off Topic
Harmful Content
Low Quality
Spam
Misleading
Duplicate
Wrong Language
Block Domain
Actions for Red Hat removes tainted packages after software pipeline compromise
datanexusmcp.com
·
6d
6 days ago
September 2025 NPM Attack Hit 2.6B Weekly Downloads. Most Found Out on Twitter
Discussed on
Hacker News
Love
Like
Not for me
Save
See related topics
Feeds
Share
Report
Off Topic
Harmful Content
Low Quality
Spam
Misleading
Duplicate
Wrong Language
Block Domain
Actions for September 2025 NPM Attack Hit 2.6B Weekly Downloads. Most Found Out on Twitter
snyk.io
·
5w
5 weeks ago
TanStack npm Packages Hit by Mini Shai-Hulud
Love
Like
Not for me
Save
See related topics
Feeds
Share
Report
Off Topic
Harmful Content
Low Quality
Spam
Misleading
Duplicate
Wrong Language
Block Domain
Actions for TanStack npm Packages Hit by Mini Shai-Hulud
In other languages
kite.kagi.com
·
3w
3 weeks ago
레드햇, 침해된 npm 패키지 32개 제거
Love
Like
Not for me
Save
See related topics
Feeds
Share
Report
Off Topic
Harmful Content
Low Quality
Spam
Misleading
Duplicate
Wrong Language
Block Domain
Actions for 레드햇, 침해된 npm 패키지 32개 제거
Keyboard Shortcuts
Navigation
Next / previous post
j
/
k
Open post
o
or
Enter
Preview post
v
Post Actions
Love post
a
Like post
l
Dislike post
d
Undo reaction
u
Save / unsave
s
Recommendations
Add interest / feed
Enter
Not interested
x
Go to
Home
g
h
Interests
g
i
Feeds
g
f
Likes
g
l
History
g
y
Changelog
g
c
Settings
g
s
Discover
g
b
Search
/
Pagination
Next page
n
Previous page
p
General
Show this help
?
Submit feedback
!
Close modal / unfocus
Esc
Press
?
anytime to show this help
Like
Save
Not for me
Report