Ars Technica

Devs unknowingly use “malicious” modules snuck into official Python repository

The official repository for the widely used Python programming language has been tainted with modified code packages, a computer security authority in Slovakia warned. The authority also said the ...
Bleeping Computer

BIG sabotage: Famous npm package deletes files to protest Ukraine war

This month, the developer behind the popular npm package 'node-ipc' released sabotaged versions of the library in protest of the ongoing Russo-Ukrainian War. Newer versions of the 'node-ipc' package ...