A bug in npm (Node Package Manager), the most widely used JavaScript package manager, will change ownership of crucial Linux system folders, such as /etc, /usr, /boot.

GitHub, part of Microsoft, announced on Monday that it's agreed to acquire open source JavaScript solutions company npm Inc.

Relatively easy to learn and highly scalable, Node.js has become a very popular platform for developing apps. Now npm, a package manager that installs, publishes, and manages node programs, has ...

NPM CEO Bryan Bogensberger has resigned from his position. NPM is known for its free JavaScript tools that are popular with developers.

The Enclave NPM module currently under development will offer smoother project setup in Facebook’s React JavaScript UI library. Enclave provides an NPM for compiling JSX and ECMAScript 2015 code ...

Attackers increasingly are using malicious JavaScript packages to steal data, engage in cryptojacking and unleash botnets, offering a wide supply-chain attack surface for threat actors.

When a developer 'unpublished' his work from the NPM JavaScript package registry, it broke dependencies for many other projects -- and highlighted the fragility of the open source ecosystem ...

The npm team recommends that all developers who downloaded or used this JavaScript package in their projects remove the package from their systems and rotate any compromised credentials.

The security team behind the "npm" repository for JavaScript libraries removed two npm packages this Monday for containing malicious code that installed a remote access trojan (RAT) on the ...