Bleeping Computer

Botched npm Update Crashes Linux Systems, Forces Users to Reinstall

A bug in npm (Node Package Manager), the most widely used JavaScript package manager, will change ownership of crucial Linux system folders, such as /etc, /usr, /boot. Changing ownership of these ...
TechRadar

Update this NPM package now, millions of devs told

Cybersecurity researchers have found a high-severity remote code execution (RCE) vulnerability inside a widely used NPM package named Pac-Resolver. According to researcher Tim Perry who found the flaw ...
ZDNet

Npm team warns of new 'binary planting' bug

The team behind npm, the biggest package manager for JavaScript libraries, has issued a security alert yesterday, advising all users to update to the latest version (6.13.4) to prevent "binary ...