5 ways to spot software supply chain attacks and stop worms - before it's too late

A Dune-inspired worm recently hit CrowdStrike and npm, infecting hundreds of packages. Here's what happened - and how to protect your code.

GitHub tightens npm security with mandatory 2FA, access tokens

GitHub is introducing a set of defenses against supply-chain attacks on the platform that led to multiple large-scale ...
InfoWorld

Npm founder foresees merger of Node.js and io.js

Isaac Schlueter has been quite active in the Node.js community, having been involved in development of both Node.js and its io.js fork. The creator of Npm (node package manager) and the CEO of Npm Inc ...