February 9, 2023
Aabquerys is a malicious npm package discovered typosquatting on a legitimate npm module that downloads malicious components, ReversingLabs discovered.
September 23, 2022
ReversingLabs has discovered a malicious npm package disguised as the software tool Material Tailwind. Here's an in-depth look at our discovery — and threat analysis. (Updated with MachO executable information.)
September 14, 2022
OpenSSF's npm best practices: A solid first step for supply chain security — but trust issues remain
Here's what you need to know about the new OpenSSF npm security best practices.