This instantly came to my mind after seeing a few #npm packages again...

#javascript #xkcd #webdev

"DPRK IT Worker-Related Account Takeover" published by Ketman. #ITWorker, #NPM, #DPRK, #CTI https://www.ketman.org/dprk-it-worker-related-account-takeover.html

⚠️ Under siege: the NPM repository. Plus, Apple denies iMessage security flaws, bots are scanning everywhere, and AI reveals insights on @SGgrc's Microsoft security stance.
🎧 Security Now: https://twit.tv/shows/security-now/episodes/1030
#CyberSecurity #NPM

GoWM : Le Wasm Manager qui va Révolutionner tes Projets JavaScript ✨
https://www.devbyben.fr/blog/gowm-le-wasm-manager-qui-va-revolutionner-tes-projets-javascript #javascript #webassembly #npm #opensource

"npmgraph - NPM Dependency Diagrams" - Graph / visualize of npm dependencies
https://npmgraph.js.org/
#Npm #DevJs • New #link just added to #Otter.

"Malicious crypto-theft package targets Web3 developers in North Korean operation" published by Aikido. #NPM, #DPRK, #CTI https://www.aikido.dev/blog/malicious-package-web3

How to Install #Directus on #AlmaLinux #VPS

Here's a step-by-step guide detailing how to install Directus on AlmaLinux VPS.
What is Directus?
Directus is an open-source #headless #CMS and data platform that allows you to manage and interact with your database through a RESTful API or GraphQL API. It provides a modern, user-friendly admin interface for ...
Continued 👉 https://blog.radwebhosting.com/how-to-install-directus-on-almalinux-vps/?utm_source=mastodon&utm_medium=social&utm_campaign=mastodon.social #npm #letsencrypt #installguide #postgresql #vpsguide #selfhosting #nodejs #selfhosted #cmsapps

https://www.npmjs.com/package/duckduckgo-chat-interface #npm #package #developers #ia

⛵ 💻 Just published a fun little CLI toy: @konstantindenerz/yacht-animation
Let a yacht sail across your terminal like it’s 1995 ⛵️🌊

```
npm install -g @konstantindenerz/yacht-animation yacht-animation ```
📦 npm: https://www.npmjs.com/package/@konstantindenerz/yacht-animation

#nodejs #cli #devfun #npm #ascii #yacht #sailing #nautics

Just launched a CLI tool that turns your Postman collection into a fully-typed TypeScript SDK. 🚀

✅ Axios or Fetch
✅ Auth via Postman config (Bearer/API key/Basic)
✅ Auto-inferred types
✅ Folder-based namespaces
✅ .d.ts output optional

Install it with:
npm install -g @sirHC77/postman-sdk-gen

Docs & repo: https://github.com/megafarad/postman-sdk-gen

#typescript #postman #devtools #sideproject #npm

While #npm and some other central services have #outages I wonder if there is some is some #decentral or #federated solution for this? Otherwise #Javascript world is pretty fucked up if #Github / #Microsoft pulls the plug https://status.npmjs.org/

In a long-awaited #sequel to the saga no one asked for, our protagonist returns from the #wilderness to regale us with #tales of heart-driven #npm #heroism 🌳❤️. Eight years on, and the legendary 'left-pad' incident is finally documented as if it were the Moon landing 🚀. Spoiler: #camping and #principles, not code, are what make Azer tick. 🏕️✨
https://azerkoculu.com/posts/left-pad #left-pad #HackerNews #ngated

The Hidden Performance Cost of Manual Data Fetching in React

https://fed.brid.gy/r/https://forem.com/tobimadehin/the-hidden-performance-cost-of-manual-data-fetching-in-react-45a9

Are you reviewing your NPM dependancies for malicious code? #devsecops #appsec #npm
https://www.scworld.com/news/complex-npm-attack-uses-7-plus-layers-of-obfuscation-to-spread-pulsar-rat

#Malware found in #NPM packages with 1 million weekly downloads

https://www.bleepingcomputer.com/news/security/supply-chain-attack-hits-gluestack-npm-packages-with-960k-weekly-downloads/

#cybersecurity

Malicious #npm packages posing as utilities delete project directories

https://www.bleepingcomputer.com/news/security/malicious-npm-packages-posing-as-utilities-delete-project-directories/

#cybersecurity

📢 Découverte de packages npm malveillants avec des portes dérobées destructrices
📝 L'équipe de recherche sur les menaces de Socket a mis en lumière une menace sérieuse concernant des packages npm malveillants...
📖 cyberveille : https://cyberveille.ch/posts/2025-06-09-decouverte-de-packages-npm-malveillants-avec-des-portes-derobees-destructrices/
🌐 source : https://socket.dev/blog/destructive-npm-packages-enable-remote-system-wipe
#malware #npm #Cyberveille

Major supply chain attack on NPM's Gluestack packages impacts 950K+ weekly downloads. #SupplyChainAttack #NPM #Cybersecurity

More details: https://securityaffairs.com/178772/malware/over-950k-weekly-downloads-at-risk-in-ongoing-supply-chain-attack-on-gluestack-packages.html - https://www.flagthis.com/news/16436

🚨 Hidden backdoors found in npm packages allow attackers to remotely wipe entire systems, raising serious supply chain security concerns.

Read: https://hackread.com/backdoors-npm-packages-attackers-wipe-systems/

#CyberSecurity #NPM #Malware #Backdoor #DevOps

複数のMarkdownファイルを一つにまとめるCLIツール「md-concatter」を作ってみた
https://dev.classmethod.jp/articles/md-concatter-markdown-cli-tool/

#dev_classmethod #Markdown #業務効率化 #業務改善 #生成AI #CLI #npm #コマンド