Cryptopolitan on MSN

Malicious SAP npm packages target crypto wallet data

Four npm packages linked to SAP's Cloud Application Programming Model were hijacked. The hackers added code that steals ...
Arabian Post

SAP developers face npm supply shock

Malicious code inserted into four SAP-related npm packages exposed developer workstations and automated build systems to credential theft, marking a sharp escalation in attacks against open-source ...
InfoWorld

13 new critical holes in JavaScript sandbox allow execution of arbitrary code

Thirteen critical vulnerabilities have been found in the vm2 JavaScript sandbox package that could allow an attacker’s code ...