Hackers can bypass npm’s Shai-Hulud defenses via Git dependencies

Koi security researchers found that when NPM installs a dependency from a Git repository, configuration files such as a ...

“Era of humans writing code is over” warns NodeJS creator Ryan Dahl amid rapid rise of AI coding tools

Software development, long regarded as one of the most labour-intensive corners of the technology sector, is now transforming ...
The Hacker News

CERT/CC Warns binary-parser Bug Allows Node.js Privilege-Level Code Execution

A flaw in the binary-parser npm package before version 2.3.0 lets attackers execute arbitrary JavaScript via unsanitized parser input.
India Today

NodeJS creator says era of humans writing code is over, suggests next options for software engineers

The state of Vibe Coding in early 2026 is such that even seasoned software developers are now saying that the days of ...
CSO Online

From typos to takeovers: Inside the industrialization of npm supply chain attacks

A dramatic spike in npm-focused intrusions shows how attackers have shifted from opportunistic typosquatting to systematic, ...
GitHub

1️⃣ ️ The One Billion Row Challenge with Node.js

The One Billion Row Challenge (1BRC) is a fun exploration of how far modern Java can be pushed for aggregating one billion rows from a text file. Later the community created a dedicated @1brc ...
CSO Online

Malicious npm packages target the n8n automation platform in a supply chain attack

Researchers discovered malicious npm packages posing as n8n integrations, exfiltrating OAuth tokens and API keys from enterprise workflows.
GitHub

PHP HTTP Request Handler for Node.js

With @platformatic/php-node you can run PHP applications within the same process as a Node.js application, allowing for communication between Node.js and PHP without any network connection in the ...
DataBreachToday

Researchers Spot New Shai Hulud Variant

Security researchers at Aikido on Sunday uncovered an apparently new Shai Hulud variant, uploaded to npm through a GitHub repository called @vietmoney/react-big-calendar. Shai Hulud is the moniker for ...