Skip to main content
Scour
Browse
Getting Started
Login
Sign Up
You are offline. Trying to reconnect...
Close
Copied to clipboard
Close
Unable to share or copy to clipboard
Close
📦 Package Managers
Dependency Resolution, Cargo, NPM, Version Management
Filter Results
Timeframe
Fresh
Past Hour
Today
This Week
This Month
Feeds to Scour
Subscribed
All
Scoured
183561
posts in
47.0
ms
NPM
Slop and
Wonky
Software Supply Chains
📦
Dependency Confusion
simonramstedt.com
·
1d
·
Lobsters
,
Hacker News
,
r/programming
Npm
Slop &
Wonky
Software Supply Chains
📦
Dependency Confusion
programming.dev
·
7h
pnpm
11 Release Candidate:
ESM
Distribution, Supply Chain Defaults and a New Store Format
📦
Dependency Confusion
infoq.com
·
5d
I built an npm package that
eats
one line of your code every minute you're
idle
🌍
Browser Exploits
github.com
·
19h
·
r/node
Why and how does
pacman
install an
outdated
package?
📦
Dependency Confusion
archlinux.org
·
2d
·
r/archlinux
Package
Cooldown
with
SBOMs
📋
SBOM
interlynk.io
·
6d
·
Hacker News
93 Minutes on
npm
: Inside the
Bitwarden
CLI Supply Chain Attack
🔗
Supply Chain Attacks
osintteam.blog
·
1d
The
npm
Threat Landscape: Attack Surface and
Mitigations
🌍
Browser Exploits
unit42.paloaltonetworks.com
·
2d
Namastex.ai
npm Packages Hit with TeamPCP-Style
CanisterWorm
Malware
📦
Dependency Confusion
socket.dev
·
4d
·
Hacker News
Bitwarden
Confirms Short-Lived npm
Compromise
Affecting CLI Package
📦
Dependency Confusion
linuxiac.com
·
2d
Kubernetes v1.36
Promotes
Stability, Compatibility &
Reproducibility
⚓
Kubernetes
cloudnativenow.com
·
4d
Nine
quick tips for software
containerization
📦
Containerization
journals.plos.org
·
2d
Bitwarden
NPM
Package Hit in Supply Chain Attack
🔗
Supply Chain Attacks
securityweek.com
·
2d
Release Release
Candidate
v1.6.3-rc.39
🔍
Binary Diffing
github.com
·
3d
Npm Supply Chain Malware Attack Targets Developers With
Worm-Like
Propagation
🔗
Supply Chain Attacks
infosecurity-magazine.com
·
2d
Self-Propagating
npm Malware Turns Trusted Packages Into Attack
Paths
🌍
Browser Exploits
malware.news
·
3d
Treat
open source software as critical infrastructure
🔓
Economics of Open Source
techtarget.com
·
6d
Bitwarden
CLI npm package
compromised
to steal developer credentials
📦
Dependency Confusion
bleepingcomputer.com
·
3d
lirantal/pypi-security-best-practices
: Collection of
PyPI
registry package manager Security Best Practices featuring uv and pip
🐍
Impacket
github.com
·
3d
·
Hacker News
Release Release
Candidate
v1.6.3-rc.43
🔍
Binary Diffing
github.com
·
3d
Log in to enable infinite scrolling
Keyboard Shortcuts
Navigation
Next / previous item
j
/
k
Open post
o
or
Enter
Preview post
v
Post Actions
Love post
a
Like post
l
Dislike post
d
Undo reaction
u
Save / unsave
s
Recommendations
Add interest / feed
Enter
Not interested
x
Go to
Home
g
h
Interests
g
i
Feeds
g
f
Likes
g
l
History
g
y
Changelog
g
c
Settings
g
s
Browse
g
b
Search
/
Pagination
Next page
n
Previous page
p
General
Show this help
?
Submit feedback
!
Close modal / unfocus
Esc
Press
?
anytime to show this help