Securities.io

NPM Supply-Chain Attack: What Happened and How to Fix It

Qix is an open source maintainer account that was compromised by a phishing attack. This allowed attackers to infect 18 popular npm packages with malicious code. Together, these packages are ...
GitHub

JSO – OAuth 2.0 Client with Javascript

JSO is a simple and flexible OAuth javascript library to use in your web application or native mobile app. JSO is provided by UNINETT AS, a non-profit company working for educational and research ...
GitHub

ImageKit.io JavaScript SDK

This lightweight, dependency-free JavaScript SDK is designed specifically for browser use. It provides utility functions to generate image and video src URLs using ImageKit transformations and to ...
SecurityWeek

Hackers Target Popular Nx Build System in First AI-Weaponized Supply Chain Attack

With more than 4 million weekly downloads, the Nx build platform became the first known supply chain breach where hackers weaponized AI assistants for data theft. Hackers stole thousands of ...