BlogAlert: peacenotwar module sabotages npm developers in the node-ipc package to protest the invasion of UkraineMarch 16, 2022
BlogNew Log4j 2.17.1 fixes CVE-2021-44832 remote code execution (but it’s not as bad as it sounds)December 29, 2021
BlogHow to effectively detect and mitigate Trojan Source attacks in JavaScript codebases with ESLintNovember 10, 2021
BlogDetect and prevent dependency confusion attacks on npm to maintain supply chain securitySeptember 13, 2021