Has anyone tried adding @fontawesome and @webawesome to a 2.0 pen on @codepen? In https://www.youtube.com/shorts/CO_9Zx9ELEc @chriscoyier adds an import to script.js that references the NPM package for Web Awesome, and then #CodePen generates a package.json. I'm still trying to figure out how […]
Manitoba poets! The deadline for Writes of Spring is Monday, March 30, which is also my 53rd birthday. So: won't you PLEASE gift me with me with some land and sea-themed poems?
#nationalpoetrymonth #NPM #NPM2026
I Wrote up the whole process of rehabilitating an old npm package:
TypeScript migration, CSS-in-JS regrets, Intl API and why I check bundle size more than my messages
dev.to/kirill_c_7b35589230/npm-archaeology-5-years-in-the-ground-still-breathing-nnl
#npm #opensource #react #typescript
A new Ghost campaign is targeting developers with fake #npm progress bars that trick users into entering sudo passwords, leading to malware installs and crypto wallet theft.
Read: hackread.com/ghost-campai...
#CyberSecurity #npm #Phishing #Malware #DevSecOps
Why bcrypt Is Not Enough in 2026 And What We Built Instead The Story Behind This Package Every time I started a new Node.js backend project, I found myself doing the same thing. npm install bcrypt ...
#webdev #programming #node #npm
Origin | Interest | Match
Self-spreading worm weaponises npm, targets Iran with destructive wiper
#Potatosecurity #SupplyChain #Malware #npm #AusNews
thedailyperspective.org/article/2026-03-27-self-...
Self-spreading worm weaponises npm, targets Iran with destructive wiper
#Cybersecurity #SupplyChain #Malware #npm #AusNews
thedailyperspective.org/article/2026-03-27-self-...
Just released my first npm package for #OpenSCAD and it feels like a milestone! Run "npx scadder install [url-or-model-id]" to pull the respective scad (like the gridfinity-rebuilt-baseplate) from GitHub onto your local machine.
#opensource #opensourcehardware #3dprinting #3dmodeling #npm #github
Build an Offline Hybrid RAG Stack with ONNX and Foundry Local | by Lee Stott
techcommunity.microsoft.com/blog/educato...
#ai #onnx #rag #foundry #foundrylocal #softwaredev #javascript #npm
Suspected hijacked developer accounts used to push npm malware, with packages like "sbx-mask" and "touch-adv" stealing credentials from infected systems. If installed, rotate keys and check network activity now.
Read: hackread.com/suspected-hi...
#CyberSecurity #npm #Malware #DevSecOps
~Socket~
5 typosquatted npm packages target Solana and Ethereum devs to steal private keys via Telegram.
-
IOCs: galedonovan0121@gmail[. ]com, t[. ]me/+IDl6XgFBZdI1ZjZh, ethersproject-wallet
-
#Crypto #Malware #ThreatIntel #npm
Alert: GhostLoader malware infiltrates NPM packages, stealing developer credentials via Remote Dynamic Dependencies. Stay vigilant and secure your development environment. #CyberSecurity #NPM #SupplyChainAttack Link: thedailytechfeed.com/ghostloader-...
Use any npm package as a Maven/Gradle dependency. No Node.js. Just add it and build. Tailwind, htmx, Svelte, Lit... the entire npm ecosystem for Java.
Now with an MCP for AI agents.
Built on Quarkus. Open source. Commonhaus Foundation.
mvnpm.org
#java #quarkus #webdev #npm #maven #opensource
I Ran npm install 1,000 Times This Year. Here's Why That Scares Me Now. TL;DR: The GlassWorm campaign compromised 151+ GitHub repos and 72+ VS Code extensions in March 2026 using invisible Unic...
#cybersecurity #npm #supply-chain-security #javascript #open-source #software-development […]
A tiny, zero-dependency React hook to detect clicks outside any element. Fully typed, SSR-safe, and works with Next.js. Under 400 bytes gzipped. #npm
🚀 How to Install and Run Rocket.Chat on Debian VPS This article describes how to install and run Rocket.Chat on Debian VPS. What is Rocket.Chat? Rocket.Chat is an open-source communication platf...
#Guides #Cloud #VPS #certbot #debian #deno #mongodb […]
[Original post on blog.radwebhosting.com]
📢 Just dropped: New RL research!
👻 Ghost campaign returns via malicious #npm packages
⚠️ Phishes sudo passwords + hides behind fake install logs
🔍 www.reversinglabs.com/blog/npm-fak...
🛡️ Ask us about it — + Spectra Assure Community — at Booth #4328 #RSAC2026
iT4iNT SERVER Ghost Campaign Uses 7 npm Packages to Steal Crypto Wallets and Credentials VDS VPS Cloud #Cybersecurity #Crypto #Phishing #Malware #NPM
Command Palette Plus:
Supercharged with AI-powered ranking that learns your habits. Instantly filter categories by typing #git or #npm, powered by a custom, zero-dependency fuzzy search.
Watch This Ad To Continue Vibin
Watch This Ad To Continue Vibin
#npm #javascript #nodejs #Packagemanager #Dystopianfuture
programmerhumor.io/javascript-memes/watch-t...
sup everyone, please check my new 'anywhen' package. its a date formatting tool for any locale in ~800b gzip
it can show: what date exactly, how long ago, smart context picker and future when ahead
anywhen-kappa.vercel.app
#javascript #typescript #opensource #npm #webdev #dateformat #intl #date
winbuzzer.com/2026/03/23/t...
Trivy Breached Twice in a Month via GitHub Actions
#GitHub #GitHubActions #Cybersecurity #Malware #Cybercrime #SecurityBreach #OpenSource #Hackers #npm #Javascript #SoftwareDevelopment #CloudComputing #DataBreaches #Trivy #AquaSecurity #TeamPCP #CanisterWorm
How to Install and Run ArchiveBox on Ubuntu VPS Server in 5 Minutes (Quick Start Guide) This article provides a guide for how to install and run ArchiveBox on Ubuntu VPS server. What is ArchiveBox?...
#Guides #Cloud #VPS #archivebox #install #guide […]
[Original post on blog.radwebhosting.com]
~Socket~
CanisterWorm compromises npm publishers to deploy a Python backdoor via postinstall hooks, using an ICP canister for C2.
-
IOCs: tdtqy-oyaaa-aaaae-af2dq-cai. raw. icp0. io
-
#Malware #SupplyChain #ThreatIntel #npm
Blockchain-Backed Worm Spreads Across npm as Supply Chain Attacks Escalate
#SupplyChain #npm #Cybersecurity #AusNews #SoftwareSecurity
thedailyperspective.org/article/2026-03-22-block...
Alert: Trivy scanner compromised, leading to the spread of CanisterWorm across 47 npm packages. Developers, ensure your dependencies are secure! #CyberSecurity #SupplyChainAttack #npm #Trivy Link: thedailytechfeed.com/trivy-supply...
CanisterWorm verspreidt zich via gehackte npm-pakketten
Cybercriminelen van de groep TeamPCP hebben een gevaarlijke aanval uitgevoerd op Trivy, een veelgebruikte beveiligingstool. De aanvallers gebruikten gestolen inloggegevens om kwaadaardige code te…
#CanisterWorm #npm-pakketten #Trivy
New npm Package: Markdown Extensions
A small, reliable utility that provides a canonical list of Markdown file extensions along with helper functions for detecting and working with them.
👉 www.himpfen.com/markdown-ext...
#opensource #npm #webdesign #webdevelopment
winbuzzer.com/2026/03/21/g...
GhostClaw Fake OpenClaw Installer Steals macOS Dev Credentials
#AI #Ghostclaw #OpenClaw #JFrog #npm #Cybersecurity #Malware #macOS #GitHub #Cybercrime #Hackers #Cyberattacks #DataTheft
The Trivy supply-chain attack unleashed CanisterWorm, infecting 47 npm packages via postinstall hooks. It uses an ICP canister for C2, enabling remote payload updates and persistence via systemd services. #CanisterWorm #TeamPCP #npm
