7 “thin silver lining” charts from the Rose Bowl debacle

So I’ll do a quick tour of the graveyard before I present some silver linings in this historic Alabama loss.
The Hacker News

27 Malicious npm Packages Used as Phishing Infrastructure to Steal Login Credentials

Researchers uncovered 27 malicious npm packages used over five months to host phishing pages that steal credentials from ...
CSO Online

WhatsApp API worked exactly as promised, and stole everything

Malicious npm package posing as a WhatsApp Web API library operated for months as a functional dependency while stealing messages and maintaining persistence.
The Munich Eye

New Supply Chain Attack Targets npm Packages with Malicious Scripts

A recent supply chain attack poses a significant threat to workstations and continuous integration (CI) environments. Security firm Socket has issued a warning regarding the discovery of 60 npm ...
GitHub

whike-chan/npm-scripts-imagemin

画像圧縮用のnpm-scriptsです。 初回実行時は npm i でパッケージをインストールしてください。 画像圧縮が走ります。 npm run img:watch 画像フォルダーを監視し、変更されると画像圧縮が走ります。
TWCN Tech News

AutoHotkey Tutorial: How to use AutoHotKey scripts to automate tasks

This is a beginner’s guide to creating AutoHotkey scripts. AutoHotkey is a program that allows you to create a key combination for a task. You can call them macros or mini-programs. The scripts or ...
GitHub

npm default install command always runs if binding.gyp exists, and package install script is ignored

npm timing build:link Completed in 14ms npm info run [email protected] install node_modules/bufferutil node-gyp rebuild npm info run [email protected] install node_modules ...
CSOonline

NPM JavaScript registry suffers massive influx of malware, report says

The NPM JavaScript registry has experienced a jump in malware, including packages related to data theft, crypto mining, botnets, and remote code execution, according to security company WhiteSource.