CSOonline

Attacks increasingly use malicious HTML email attachments

New research shows that up to a half of all HTML email attachments are malicious, and not just because of a few massive campaigns. Researchers warn that attackers are relying more on malicious HTML ...

JavaScript packages with billions of downloads were injected with malicious code in world's largest supply chain hack, geared to steal crypto — a phishing email is all it ...

JavaScript packages with billions of downloads were compromised by an unknown threat actor looking to steal cryptocurrency.
InfoWorldOpinion

NPM attacks and the security of software supply chains

Process improvements and a closer look at funding streams will provide far more protection for the open source software we ...
The Hacker News

GitHub Mandates 2FA and Short-Lived Tokens to Strengthen npm Supply Chain Security

GitHub enforces FIDO 2FA and seven-day token limits after Shai-Hulud npm attack to boost supply chain security.

Breach of npm threatens billions of weekly downloads in JavaScript ecosystem

Earlier this week, the Npm package manager suffered what may be its worst security incident to date. Unknown cybercriminals ...
InfoWorld

Intro to HTMX: Dynamic HTML without JavaScript

HTMX is the HTML extension syntax that replaces JavaScript with simple markup. It could change the course of web development. HTMX lets you use an extended HTML syntax instead of JavaScript to achieve ...