Skip to main content
Scour
Browse
Getting Started
Login
Sign Up
You are offline. Trying to reconnect...
Close
Copied to clipboard
Close
Unable to share or copy to clipboard
Close
📦 Package Managers
Dependency Resolution, Cargo, NPM, Version Management
Filter Results
Timeframe
Fresh
Past Hour
Today
This Week
This Month
Feeds to Scour
Subscribed
All
Scoured
17906
posts in
26.4
ms
Lessons from the Spring 2026 OSS Incidents:
Hardening
npm,
pnpm
, and GitHub Actions Against Supply-Chain Attacks
💥
Exploit Dev
dev.to
·
6h
·
DEV
·
…
Compromised
axios
npm
package delivers cross-platform RAT
🪟
ETW Patching
securitylabs.datadoghq.com
·
2d
·
…
Supply chain blast: Top
npm
package
backdoored
to drop dirty RAT on dev machines
🔗
Supply Chain Attacks
theregister.com
·
2d
·
Hacker News
·
…
Supply chain attack on Axios npm package:
Scope
, impact, and
remediations
🔗
Supply Chain Attacks
tenable.com
·
1d
·
…
Claude Code's Source Code
Leaks
Via
npm
Source Maps
💥
Exploit Dev
developers.slashdot.org
·
1d
·
…
Monorepo Architecture with pnpm Workspace,
Turborepo
&
Changesets
📦
📦
Nix
dev.to
·
17h
·
DEV
·
…
sandbox
individual npm
dependencies
in your node app
📦
Sandboxing
dev.to
·
6d
·
DEV
·
…
Why I Built
pubm
: One CLI to Publish to npm,
JSR
, and Beyond
🔧
Developer Tooling
dev.to
·
5d
·
DEV
·
…
I Built a CLI That Shows the Real Cost of Your
node
_
modules
(Size + Security + Age)
🔍
eBPF
dev.to
·
2h
·
DEV
·
…
Inside The Claude Code Source Leak
Npm
Packaging
Failures Ai Supply Chain Risk And How To Respond
🔗
Supply Chain Attacks
dev.to
·
2h
·
DEV
·
…
Axios
Hijack
Post-Mortem
: How to Audit, Pin, and Automate a Defense
💥
Exploit Dev
dev.to
·
9h
·
DEV
·
…
Stop
Wasting
Tokens on
npm
Install Noise
📁
Dotfiles
dev.to
·
10h
·
DEV
·
…
npm
, March 31:
RAT
in Axios and Half a Million Lines of Claude Code on GitHub
🔧
Binary Ninja
dev.to
·
3h
·
DEV
·
…
I spent 1 month building my first
NPM
package from scratch, and here is the
result
📦
Nix
dev.to
·
6d
·
DEV
·
…
I Built an npm Package to
Scrape
and Slim Down
YAML
Files
📝
Markdown
dev.to
·
1d
·
DEV
·
…
Micro
Frontends
& The Hidden Code Sharing Problem
📜
Bytecode
dev.to
·
5d
·
DEV
·
…
Your
npm
Package Is
Leaking
Source Code (And You Probably Don't Know It)
🔧
Binary Ninja
dev.to
·
1d
·
DEV
·
…
Blind `npm install` Execution Risks Security Vulnerabilities: Review
Lockfiles
to
Mitigate
Threats
💥
Exploit Dev
dev.to
·
1d
·
DEV
·
…
Critical Alert: Axios
NPM
Package
Compromised
in Supply Chain Attack
🔗
Supply Chain Attacks
dev.to
·
1d
·
DEV
·
…
Axios
npm
Package
Compromised
: Supply Chain Attack Delivers Cross-Platform RAT
💥
Exploit Dev
dev.to
·
1d
·
DEV
·
…
Loading...
Loading more...
Page 2 »
Keyboard Shortcuts
Navigation
Next / previous item
j
/
k
Open post
o
or
Enter
Preview post
v
Post Actions
Love post
a
Like post
l
Dislike post
d
Undo reaction
u
Recommendations
Add interest / feed
Enter
Not interested
x
Go to
Home
g
h
Interests
g
i
Feeds
g
f
Likes
g
l
History
g
y
Changelog
g
c
Settings
g
s
Browse
g
b
Search
/
Pagination
Next page
n
Previous page
p
General
Show this help
?
Submit feedback
!
Close modal / unfocus
Esc
Press
?
anytime to show this help