Skip to main content
Scour
Discover
Docs
Login
Sign Up
Discover
About
Docs
Changelog
You are offline. Trying to reconnect...
Copied to clipboard
Unable to share or copy to clipboard
Back to article
Unit 42
8w
8 weeks ago
The npm Threat Landscape: Attack Surface and Mitigations
(opens in new tab)
Covered by
7 sources
See all sources covering this story
including
Andrew Nesbitt
,
DEV Community
Love
Like
Not for me
Save
|
|
Report
Off Topic
Harmful Content
Low Quality
Spam
Misleading
Duplicate
Wrong Language
Block
Add to your feed
Feeds
Share
Report
Off Topic
Harmful Content
Low Quality
Spam
Misleading
Duplicate
Wrong Language
Block Domain
Covered in 7 articles
Andrew Nesbitt
·
4w
4 weeks ago
Signing Is for the Bad Days
Discussed on
Hacker News
Love
Like
Not for me
Save
Add to your feed
Feeds
Share
Report
Off Topic
Harmful Content
Low Quality
Spam
Misleading
Duplicate
Wrong Language
Block Domain
Actions for Signing Is for the Bad Days
DEV Community
·
4w
4 weeks ago
Supply Chain Attacks + Stale Credentials: Why This Combination Is So Dangerous in 2026
Discussed on
DEV
Love
Like
Not for me
Save
Add to your feed
Feeds
Share
Report
Off Topic
Harmful Content
Low Quality
Spam
Misleading
Duplicate
Wrong Language
Block Domain
Actions for Supply Chain Attacks + Stale Credentials: Why This Combination Is So Dangerous in 2026
digitalforensicsmagazine.com
·
2w
2 weeks ago
NEWS ROUNDUP – 3rd June 2026
Love
Like
Not for me
Save
Add to your feed
Feeds
Share
Report
Off Topic
Harmful Content
Low Quality
Spam
Misleading
Duplicate
Wrong Language
Block Domain
Actions for NEWS ROUNDUP – 3rd June 2026
datanexusmcp.com
·
3d
3 days ago
September 2025 NPM Attack Hit 2.6B Weekly Downloads. Most Found Out on Twitter
Discussed on
Hacker News
Love
Like
Not for me
Save
Add to your feed
Feeds
Share
Report
Off Topic
Harmful Content
Low Quality
Spam
Misleading
Duplicate
Wrong Language
Block Domain
Actions for September 2025 NPM Attack Hit 2.6B Weekly Downloads. Most Found Out on Twitter
therecord.media
·
2w
2 weeks ago
Red Hat removes tainted packages after software pipeline compromise
Discussed on
Hacker News
Love
Like
Not for me
Save
Add to your feed
Feeds
Share
Report
Off Topic
Harmful Content
Low Quality
Spam
Misleading
Duplicate
Wrong Language
Block Domain
Actions for Red Hat removes tainted packages after software pipeline compromise
snyk.io
·
4w
4 weeks ago
TanStack npm Packages Hit by Mini Shai-Hulud
Love
Like
Not for me
Save
Add to your feed
Feeds
Share
Report
Off Topic
Harmful Content
Low Quality
Spam
Misleading
Duplicate
Wrong Language
Block Domain
Actions for TanStack npm Packages Hit by Mini Shai-Hulud
In other languages
kite.kagi.com
·
2w
2 weeks ago
레드햇, 침해된 npm 패키지 32개 제거
Love
Like
Not for me
Save
Add to your feed
Feeds
Share
Report
Off Topic
Harmful Content
Low Quality
Spam
Misleading
Duplicate
Wrong Language
Block Domain
Actions for 레드햇, 침해된 npm 패키지 32개 제거
Keyboard Shortcuts
Navigation
Next / previous post
j
/
k
Open post
o
or
Enter
Preview post
v
Post Actions
Love post
a
Like post
l
Dislike post
d
Undo reaction
u
Save / unsave
s
Recommendations
Add interest / feed
Enter
Not interested
x
Go to
Home
g
h
Interests
g
i
Feeds
g
f
Likes
g
l
History
g
y
Changelog
g
c
Settings
g
s
Discover
g
b
Search
/
Pagination
Next page
n
Previous page
p
General
Show this help
?
Submit feedback
!
Close modal / unfocus
Esc
Press
?
anytime to show this help
Like
Save
Not for me
Report