Browsing Tag
npm
32 posts
Microsoft’s npm Packages Got Backdoored. Again. And AI Agents Pulled the Trigger.
73 cryptographically signed npm packages from Microsoft were compromised last week with advanced credential-stealing malware that fires the…
The 5.2 kB editor I had to write because nothing else fit
I just needed a text box. Why was that so hard? The story of building my own simple,…
Why I Stopped Writing 15 * 60 * 1000 in Every Project
Let me be honest with you. Every time I start a new Node.js project, I copy-paste this from…
Modern JavaScript Tooling Explained: npm, npx, pnpm, Yarn & Bun
🧠 Introduction (Context Setting) Modern JavaScript development is no longer just about writing code—it’s about managing an ecosystem…
🚨 npm Vulnerabilities Are Growing — A Practical Defense Using OSV.dev in React Native
As we know, npm packages are getting hacked day by day. From malicious package injections to supply chain…
The Documentation Attack Surface: How npm Libraries Teach Insecure Patterns
Most security audits focus on code. But across five reviews of high-profile npm libraries — totaling 195 million…
Axios Has 100 Million Weekly Downloads. North Korea Backdoored It in 39 Minutes.
Yesterday — March 31, 2026 — a North Korea-linked threat actor hijacked the npm account of an Axios…
pingtrace
Install: npm i pingtrace. pingtrace is a terminal-first CLI designed for rapid network troubleshooting, combining ping and traceroute with…
I built a rate limiter that’s 9x faster than rate-limiter-flexible – benchmarks included
The Problem: With express-rate-limit, tiered limits require: creating 3 separate limiter instances; writing manual routing logic; 25 lines…
Stop npm i-ing Blind: How I Catch Malicious Packages Before They Hit Production
Most developers assume their dependencies are “safe…