NPM flooded with malicious packages downloaded more than 86,000 times

Attackers are exploiting a major weakness that has allowed them access to the NPM code repository with more than 100 ...

Dangerous npm packages are targeting developer credentials on Windows, Linux and Mac - here ...

Recently, security researchers Socket found 10 packages on npm targeting software developers, specifically those who use the ...
GitHub

Node.js Release WorkGroup Meeting 2025-10-17

https://www.timeanddate.com/worldclock/fixedtime.html?msg=Node.js+Foundation+Release%20WorkGroup+Meeting+2025-10-17&iso=20251017T140000 or https://www.wolframalpha ...
Australian Broadcasting Corporation

Surge in shark-tracking app downloads following fatal Sydney attack

There has been a significant increase in downloads of the NSW government's shark-tracking app following a fatal attack on Sydney's Northern Beaches. It comes after the number of tiger sharks caught in ...
The Hacker News

BatShadow Group Uses New Go-Based 'Vampire Bot' Malware to Hunt Job Seekers

A Vietnamese threat actor named BatShadow has been attributed to a new campaign that leverages social engineering tactics to deceive job seekers and digital marketing professionals to deliver a ...
The Hacker News

13-Year-Old Redis Flaw Exposed: CVSS 10.0 Vulnerability Lets Attackers Run Code Remotely

Redis has disclosed details of a maximum-severity security flaw in its in-memory database software that could result in remote code execution under certain circumstances. The vulnerability, tracked as ...