Skip to main content
Scour
Browse
Getting Started
Login
Sign Up
You are offline. Trying to reconnect...
Close
Copied to clipboard
Close
Unable to share or copy to clipboard
Close
📦 Package Managers
Dependency Resolution, Cargo, NPM, Version Management
Filter Results
Timeframe
Fresh
Past Hour
Today
This Week
This Month
Feeds to Scour
Subscribed
All
Scoured
18067
posts in
28.4
ms
Lessons from the Spring 2026 OSS Incidents:
Hardening
npm,
pnpm
, and GitHub Actions Against Supply-Chain Attacks
💥
Exploit Dev
dev.to
·
1h
·
DEV
·
…
Compromised
axios
npm
package delivers cross-platform RAT
🪟
ETW Patching
securitylabs.datadoghq.com
·
2d
·
…
NPM
Archaeology
: 5 Years in the Ground, Still
Breathing
🗒️
Obsidian
npmjs.com
·
5d
·
DEV
·
…
Supply chain blast: Top
npm
package
backdoored
to drop dirty RAT on dev machines
🔗
Supply Chain Attacks
theregister.com
·
1d
·
Hacker News
·
…
Supply chain attack on Axios npm package:
Scope
, impact, and
remediations
🔗
Supply Chain Attacks
tenable.com
·
1d
·
…
Claude Code's Source Code
Leaks
Via
npm
Source Maps
💥
Exploit Dev
developers.slashdot.org
·
1d
·
…
Monorepo Architecture with pnpm Workspace,
Turborepo
&
Changesets
📦
📦
Nix
dev.to
·
13h
·
DEV
·
…
sandbox
individual npm
dependencies
in your node app
📦
Sandboxing
dev.to
·
5d
·
DEV
·
…
Axios
Hijack
Post-Mortem
: How to Audit, Pin, and Automate a Defense
💥
Exploit Dev
dev.to
·
5h
·
DEV
·
…
Stop
Wasting
Tokens on
npm
Install Noise
📁
Dotfiles
dev.to
·
5h
·
DEV
·
…
Why I Built
pubm
: One CLI to Publish to npm,
JSR
, and Beyond
🔧
Developer Tooling
dev.to
·
5d
·
DEV
·
…
I Built an npm Package to
Scrape
and Slim Down
YAML
Files
📝
Markdown
dev.to
·
1d
·
DEV
·
…
I spent 1 month building my first
NPM
package from scratch, and here is the
result
📦
Nix
dev.to
·
6d
·
DEV
·
…
Your
npm
Package Is
Leaking
Source Code (And You Probably Don't Know It)
🔧
Binary Ninja
dev.to
·
1d
·
DEV
·
…
Blind `npm install` Execution Risks Security Vulnerabilities: Review
Lockfiles
to
Mitigate
Threats
💥
Exploit Dev
dev.to
·
1d
·
DEV
·
…
Micro
Frontends
& The Hidden Code Sharing Problem
📜
Bytecode
dev.to
·
5d
·
DEV
·
…
The Axios Supply Chain Attack Explained: How a
Compromised
npm
Account Put 83 Million Projects at Risk
🔗
Supply Chain Attacks
dev.to
·
1d
·
DEV
·
…
Copilot CLI
Extensions
Cookbook
: 16 Production-Ready Examples You Can Copy Today
🚧
Execution Guardrails
dev.to
·
6d
·
DEV
·
…
Critical Alert: Axios
NPM
Package
Compromised
in Supply Chain Attack
🔗
Supply Chain Attacks
dev.to
·
1d
·
DEV
·
…
Axios
npm
Package
Compromised
: Supply Chain Attack Delivers Cross-Platform RAT
💥
Exploit Dev
dev.to
·
1d
·
DEV
·
…
Loading...
Loading more...
Page 2 »
Keyboard Shortcuts
Navigation
Next / previous item
j
/
k
Open post
o
or
Enter
Preview post
v
Post Actions
Love post
a
Like post
l
Dislike post
d
Undo reaction
u
Recommendations
Add interest / feed
Enter
Not interested
x
Go to
Home
g
h
Interests
g
i
Feeds
g
f
Likes
g
l
History
g
y
Changelog
g
c
Settings
g
s
Browse
g
b
Search
/
Pagination
Next page
n
Previous page
p
General
Show this help
?
Submit feedback
!
Close modal / unfocus
Esc
Press
?
anytime to show this help