Hackernews posts about NPM

NPM is a package manager for JavaScript that allows developers to easily install and manage dependencies in their projects, serving as a central registry for millions of open-source packages.

Related: Ledger  
  1. Malware hidden inside NPM with invisible Unicode and Google Calendar invites [video] (www.youtube.com)
    9 points by foobuzzHN 15 days ago | discuss
  2. Destructive malware available in NPM repo went unnoticed for 2 years (arstechnica.com)
    7 points by jaredwiener 9 days ago | discuss
  3. NPM targeted by malware campaign mimicking familiar library names (socket.dev)
    5 points by feross 29 days ago | discuss
  4. Delivering malware via Google Calendar invites and PUAs in an NPM package (www.aikido.dev)
    4 points by todsacerdoti 13 days ago | discuss
  5. Backdooring the IDE: Malicious NPM Packages Hijack Cursor Editor on macOS (socket.dev)
    4 points by gnabgib 22 days ago | discuss
  6. Malicious NPM Package Wipes Codebases with Remote Trigger (socket.dev)
    3 points by feross 1 day ago | discuss
  7. Malicious NPM Packages (socket.dev)
    3 points by Tomte 5 days ago | discuss
  8. Sophisticated NPM Attack Leveraging Unicode Steganography and Google Calendar C2 (www.veracode.com)
    3 points by gnabgib 16 days ago | discuss
  9. Malicious NPM Packages Target Cursor AI's macOS Users (www.securityweek.com)
    3 points by selfhoster 22 days ago | discuss
  10. Malicious NPM Packages Use Telegram to Exfiltrate BullX Credentials (socket.dev)
    3 points by feross 23 days ago | discuss
  11. Yuno is an npm package for real-time file system collaboration (yuno.ws)
    2 points by Abdyrahman 2 days ago | 1 comments
  12. Catching the Silent Threat: How Dynamic Analysis Revealed an NPM Attack Chain (safedep.io)
    2 points by abhisek about 6 hours ago | discuss
  13. Mcp-scan: NPM-audit-style security scanner for MCPs (stytch.com)
    2 points by mcstempel 25 days ago | discuss
  14. Show HN: NpmStars by BasicUtils – Compare NPM downloads and GitHub stars (basicutils.com)
    1 points by josephkot 10 days ago | 1 comments
  15. Show HN: try-module.cloud – Preview and share NPM Packages from any PR (try-module.cloud)
    1 points by TorstenDittmann 12 days ago | discuss
  16. Show HN: Rv, a Package Manager for R (github.com)
    76 points by Keats 15 days ago | 31 comments
  17. Show HN: Solidis – Tiny TS Redis client, no deps, for serverless (github.com)
    71 points by jayl-e-e 15 days ago | 8 comments
  18. Show HN: Feedsmith — Fast parser & generator for RSS, Atom, OPML feed namespaces (github.com)
    70 points by macieklamberski 25 days ago | 9 comments
  19. Show HN: Convert JSON Schema to SQL DDL (github.com)
    10 points by vjv 16 days ago | discuss
  20. Show HN: Cloi – free local debugging agent in your terminal (github.com)
    8 points by mingyk 24 days ago | 1 comments
  21. Show HN: MCP Server for Document Processing via Natural Language (github.com)
    8 points by nicknamewinder 12 days ago | discuss
  22. Show HN: Hover Effects TS – ASCII, Lego, and glitch hover effects using canvas (www.npmjs.com)
    6 points by hsrambo07 12 days ago | 3 comments
  23. Cloi – Local debugging agent that runs in your terminal
    5 points by gcha 25 days ago | 1 comments
  24. Show HN: Superexpert.ai – Open-source, no-code platform for multi-task AI agents (superexpert.ai)
    3 points by StephenWalther 25 days ago | 1 comments
  25. Ask HN: What back end SSR stack do you recommend in 2025 and why?
    2 points by pier25 10 days ago | 3 comments
  26. Show HN: Rowt – Easy Deep Linking and Analytics Infra (Self-Hosted or Managed) (console.rowt.app)
    2 points by tophercully 13 days ago | discuss
  27. Show HN: MCPBar – Open-Source Package Manager with Open Registry for MCP Servers (www.mcp.bar)
    2 points by jdeng 25 days ago | discuss
  28. Show HN: Run automated ML experiments using Claude Code (github.com)
    1 points by killerstorm 6 days ago | 1 comments
  29. Show HN: Gen-ts-type – Code Generate TS Type from JSON data with collapsed field (gen-ts-type.surge.sh)
    1 points by aabbcc1241 11 days ago | discuss
  30. Show HN: I built CLI to migrate Lovable React apps to Next.js–no rewrites needed (nextlovable.com)
    1 points by NabilChiheb 27 days ago | discuss
More