Hackernews posts about NPM

NPM is a package manager for JavaScript that allows developers to easily install and manage dependencies in their projects, serving as a central registry for millions of open-source packages.

Related: Ledger

NPM flooded with malicious packages downloaded more than 86k times (arstechnica.com)

364 points by jnord 18 days ago | 295 comments
How Cloudflare's client-side security made the NPM supply chain attack non-event (blog.cloudflare.com)

19 points by meysamazad 21 days ago | 1 comments
PhantomRaven: NPM Malware Hidden in Invisible Dependencies (www.koi.ai)

12 points by azornathogron 19 days ago | 1 comments
Show HN: CoordConversions NPM Module for Map Coordinate Conversions (github.com)

8 points by smatthewaf 20 days ago | 2 comments
Crims Poison 150K+ NPM Packages with Token-Farming Malware (www.theregister.com)

7 points by jruohonen 2 days ago | 1 comments
NPM flooded with malicious packages downloaded more than 86,000 times (arstechnica.com)

4 points by Brajeshwar 18 days ago | discuss
Npmcheck – CLI to quickly check if NPM package names are available (github.com)

4 points by mirrormaster 21 days ago | discuss
Show HN: [npm] Recreation of YouTube's "ambient glow" effect (www.npmjs.com)

3 points by JSXJedi 10 days ago | 1 comments
Undelete NPM Packages (www.npmjs.com)

3 points by 6mile 21 days ago | 1 comments
WASM based 3D viewer available in npmjs (www.npmjs.com)

3 points by GlowOnDub 24 days ago | 1 comments
NPM install Vite is broken (github.com)

3 points by nvader 10 days ago | discuss
StackTCO – find the right NPM packages for your framework (www.stacktco.com)

3 points by matwiemann 10 days ago | discuss
Why is NPM getting rid of TOTP as 2FA authentication method? (github.com)

3 points by josephcsible 18 days ago | discuss
NPM Typosquatted Packages Deploy Multi-Stage Credential Harvester (socket.dev)

3 points by feross 20 days ago | discuss
Malicious packages in NPM evade dependency detection through invisible URL links (www.csoonline.com)

2 points by shehackspurple 17 days ago | 2 comments
PhantomRaven: NPM Malware Hidden in Invisible Dependencies (www.koi.ai)

2 points by beardyw 17 days ago | 1 comments
Analyzing a NPM Spam Campaign: The Great Indonesian Tea Theft (www.endorlabs.com)

2 points by ChrisArchitect 4 days ago | discuss
Next.js 16's Turbopack breaks NPM link (www.steveharrison.dev)

2 points by steveharrison 4 days ago | discuss
The Changelog Podcast: Practical Steps to Stay Safe on NPM (socket.dev)

2 points by feross 17 days ago | discuss
Show HN: Secure Extensions Marketplace for Chrome,Edge,Firefox,VSCode,NPM (browsertotal.com)

2 points by minche 19 days ago | discuss
Show HN: I created an NPM package to AI sync my translations in seconds (www.npmjs.com)

1 points by cvicpp123 10 days ago | 2 comments
Fake packages flood NPM registry in major attack – here's what we know (www.techradar.com)

1 points by alsetmusic 4 days ago | 1 comments
Another Round of Tea Protocol Spam Floods NPM, but It's Not a Worm (socket.dev)

1 points by feross 3 days ago | discuss
NPM-GitNameCheck (firexcore.com)

1 points by FireXCore 9 days ago | discuss
Building a more secure NPM ecosystem with Mend Renovate (www.mend.io)

1 points by jamietanna 10 days ago | discuss
Recreating YouTube's Ambient Glow Effect as an NPM Package (Demo Inside) (www.npmjs.com)

1 points by JSXJedi 11 days ago | discuss
Show HN: Dexto – Connect your AI Agents with real-world tools and data (github.com)

41 points by shaunaks 20 days ago | 12 comments
Show HN: OpenAI ChatGPT App starter DevXP feels like 2010, I built a better one (github.com)

19 points by Eldodi 25 days ago | 2 comments
Show HN: Interactive timelines from Markdown – Chronos Timeline (clairefro.github.io)

11 points by marjipan200 27 days ago | 1 comments
Show HN: spoilerjs – Reddit-style spoilers with particle animations (spoilerjs.sh4jid.me)

6 points by sh4jid 21 days ago | 1 comments