Shai-Hulud malware infects 500 npm packages, leaks secrets on GitHub

Hundreds of trojanized versions of well-known packages such as Zapier, ENS Domains, PostHog, and Postman have been planted in ...
How-To Geek on MSN

NPM packages are infected with malware, again

Shai Hulud v2 infected 500+ npm packages (700+ versions) and spilled into Java/Maven — yikes. Compromised packages run a ...
Wired

Microsoft and GitHub Strengthen Their Hold on Open Source

Microsoft will soon control more of the open source software development ecosystem. GitHub, which Microsoft bought in 2018, said Monday that it will acquire NPM, which offers a crucial service for ...
TechCrunch

GitHub nabs JavaScript packaging vendor npm

GitHub, the developer repository owned by Microsoft, made a little deal of its own this morning when it bought JavaScript packaging vendor npm for an undisclosed amount. As GitHub CEO Nat Friedman ...
adtmag.com

GitHub Reveals Most Popular Programming Languages

Source code repository hoster GitHub has listed the most popular programming languages used on its site, tracking usage trends since it launched in 2008. It revealed few surprises, mostly matching up ...
Computerworld

GitHub trends show programming language fragmentation

GitHub’s increasing popularity, and the availability of its usage data, make it a good source for examining trends in software development. For example, I’ve used their data in the past to look at ...