#npm-supply-chain

#react
from Thisweekinreact
2 months ago
React

This Week In React #250: Activity, React Router, CSS-in-JS, RSC, React-Query, useEffect | Expo, iOS blur, AI, Lynx, Squircle, DataList, Liquid Glass | TC39, pnpm, Bun, Browserslist, WebKit | This Week In React

from Thisweekinreact
2 months ago
React

This Week In React #249: TanStack, Fast-Refresh, MDX, Storybook, nuqs, AI Elements, Three-Fiber | Expo, Legend List, Uniwind, New Arch, Rock, Screens, IAP, Glass, Sound, NavigationBar | Interop, Linting, Safari | This Week In React

from Techzine Global
1 week ago

Critical vulnerability exposed in JavaScript library expr-eval

A critical security vulnerability in the popular JavaScript library expr-eval allows remote code execution. The bug, with a CVSS score of 9.8, affects hundreds of projects and is forcing developers to migrate quickly to a secure version. The vulnerability, registered as CVE-2025-12735, is listed in the US National Vulnerability Database (NVD) and is considered one of the most serious recent security issues in the JavaScript ecosystem.
Information security
Information security
from IT Pro
2 weeks ago

Hackers are using these malicious npm packages to target developers on Windows, macOS, and Linux systems - here's how to stay safe

Typosquatted npm packages delivered a 24MB PyInstaller-packaged infostealer across Windows, macOS, and Linux, using multi-layer obfuscation, a fake CAPTCHA, and IP fingerprinting.
Information security
from SecurityWeek
2 months ago

Shai-Hulud Supply Chain Attack: Worm Used to Steal Secrets, 180+ NPM Packages Hit

A supply-chain attack named Shai-Hulud infected over 180 NPM packages with self-replicating malware that stole secrets and published them to public GitHub repositories.