eupolicy.social is one of the many independent Mastodon servers you can use to participate in the fediverse.
This Mastodon server is a friendly and respectful discussion space for people working in areas related to EU policy. When you request to create an account, please tell us something about you.

Server stats:

221
active users

#npm

3 posts3 participants1 post today
rtn<p>I just got a fishing email claiming to be from npm. There's a login link in the mail pointing to npNjs.com</p><p><a href="https://chaos.social/tags/npm" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>npm</span></a> <a href="https://chaos.social/tags/fishing" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>fishing</span></a></p>
The New Oil<p>North Korean <a href="https://mastodon.thenewoil.org/tags/XORIndex" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>XORIndex</span></a> <a href="https://mastodon.thenewoil.org/tags/malware" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>malware</span></a> hidden in 67 malicious <a href="https://mastodon.thenewoil.org/tags/npm" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>npm</span></a> packages</p><p><a href="https://www.bleepingcomputer.com/news/security/north-korean-xorindex-malware-hidden-in-67-malicious-npm-packages/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">bleepingcomputer.com/news/secu</span><span class="invisible">rity/north-korean-xorindex-malware-hidden-in-67-malicious-npm-packages/</span></a></p><p><a href="https://mastodon.thenewoil.org/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cybersecurity</span></a> <a href="https://mastodon.thenewoil.org/tags/NorthKorea" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>NorthKorea</span></a></p>
securityaffairs<p><a href="https://infosec.exchange/tags/North" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>North</span></a> <a href="https://infosec.exchange/tags/Korea" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Korea</span></a>-linked actors spread <a href="https://infosec.exchange/tags/XORIndex" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>XORIndex</span></a> <a href="https://infosec.exchange/tags/malware" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>malware</span></a> via 67 malicious <a href="https://infosec.exchange/tags/npm" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>npm</span></a> packages<br><a href="https://securityaffairs.com/179950/hacking/north-korea-linked-actors-spread-xorindex-malware-via-67-malicious-npm-packages.html" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">securityaffairs.com/179950/hac</span><span class="invisible">king/north-korea-linked-actors-spread-xorindex-malware-via-67-malicious-npm-packages.html</span></a><br><a href="https://infosec.exchange/tags/securityaffairs" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>securityaffairs</span></a> <a href="https://infosec.exchange/tags/hacking" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>hacking</span></a></p>
Luke Nelson<p>Who are the 5 people a week downloading this? 😂 <a href="https://www.npmjs.com/package/babel-plugin-glowup-vibes" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">npmjs.com/package/babel-plugin</span><span class="invisible">-glowup-vibes</span></a></p><p><a href="https://social.nelson.zone/tags/npm" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>npm</span></a> <a href="https://social.nelson.zone/tags/webdev" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>webdev</span></a> <a href="https://social.nelson.zone/tags/javascript" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>javascript</span></a> <a href="https://social.nelson.zone/tags/typescript" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>typescript</span></a></p>
Nube Colectiva<p>List of NPM Commands ! 🇺🇸<br>🔎Zoom: <a href="https://nubecolectiva.com/comunidad/flyers/list-commands-npm/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">nubecolectiva.com/comunidad/fl</span><span class="invisible">yers/list-commands-npm/</span></a></p><p>Lista de Comandos NPM ! 🇪🇸<br>🔎Zoom: <a href="https://nubecolectiva.com/comunidad/flyers/lista-comandos-npm/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">nubecolectiva.com/comunidad/fl</span><span class="invisible">yers/lista-comandos-npm/</span></a> <br> <br><a href="https://mastodon.social/tags/programming" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>programming</span></a> <a href="https://mastodon.social/tags/coding" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>coding</span></a> <a href="https://mastodon.social/tags/programaci%C3%B3n" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>programación</span></a> <a href="https://mastodon.social/tags/webdevelopment" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>webdevelopment</span></a> <a href="https://mastodon.social/tags/devs" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>devs</span></a> <a href="https://mastodon.social/tags/softwaredevelopment" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>softwaredevelopment</span></a> <a href="https://mastodon.social/tags/npm" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>npm</span></a> <a href="https://mastodon.social/tags/nodejs" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>nodejs</span></a></p>
Nick Escobar<p>Install 'steploop', with npm:<br><a href="https://www.npmjs.com/package/steploop" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="">npmjs.com/package/steploop</span><span class="invisible"></span></a></p><p><a href="https://infosec.exchange/tags/steploop" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>steploop</span></a> <a href="https://infosec.exchange/tags/typescript" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>typescript</span></a> <a href="https://infosec.exchange/tags/javascript" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>javascript</span></a> <a href="https://infosec.exchange/tags/npm" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>npm</span></a></p>
Nick Escobar<p>Today, I released 'steploop', a TypeScript/JavaScript package that provides a fully-featured main-loop which acts as a strong foundation for building loops that execute at a consistent, specified rate. It is inspired by game engine main-loops like Godot's MainLoop or Unity's Update() loop.</p><p>Source code: <a href="https://github.com/nickesc/steploop" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="">github.com/nickesc/steploop</span><span class="invisible"></span></a></p><p><a href="https://infosec.exchange/tags/steploop" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>steploop</span></a> <a href="https://infosec.exchange/tags/typescript" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>typescript</span></a> <a href="https://infosec.exchange/tags/javascript" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>javascript</span></a> <a href="https://infosec.exchange/tags/npm" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>npm</span></a></p>
Nick Escobar<p>To see ‘steploop’ in action, visit the demo page.</p><p>Demo page: <a href="https://nickesc.github.io/steploop/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="">nickesc.github.io/steploop/</span><span class="invisible"></span></a></p><p><a href="https://infosec.exchange/tags/steploop" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>steploop</span></a> <a href="https://infosec.exchange/tags/typescript" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>typescript</span></a> <a href="https://infosec.exchange/tags/javascript" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>javascript</span></a> <a href="https://infosec.exchange/tags/npm" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>npm</span></a></p>
Frontend Dogma<p>30 Years of JavaScript: 10 Milestones That Changed the Web, by <span class="h-card" translate="no"><a href="https://mastodon.social/@ricmac" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>ricmac</span></a></span> (<span class="h-card" translate="no"><a href="https://hachyderm.io/@TheNewStack" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>TheNewStack</span></a></span>):</p><p><a href="https://thenewstack.io/30-years-of-javascript-10-milestones-that-changed-the-web/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">thenewstack.io/30-years-of-jav</span><span class="invisible">ascript-10-milestones-that-changed-the-web/</span></a></p><p><a href="https://mas.to/tags/javascript" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>javascript</span></a> <a href="https://mas.to/tags/anniversaries" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>anniversaries</span></a> <a href="https://mas.to/tags/history" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>history</span></a> <a href="https://mas.to/tags/ecmascript" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ecmascript</span></a> <a href="https://mas.to/tags/ajax" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ajax</span></a> <a href="https://mas.to/tags/jquery" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>jquery</span></a> <a href="https://mas.to/tags/web2" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>web2</span></a>.0 <a href="https://mas.to/tags/nodejs" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>nodejs</span></a> <a href="https://mas.to/tags/npm" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>npm</span></a> <a href="https://mas.to/tags/react" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>react</span></a> <a href="https://mas.to/tags/typescript" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>typescript</span></a> <a href="https://mas.to/tags/webassembly" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>webassembly</span></a></p>
🧿🪬🍄🌈🎮💻🚲🥓🎃💀🏴🛻🇺🇸<p>npm run you fools</p><p><a href="https://mastodon.social/tags/javascript" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>javascript</span></a> <a href="https://mastodon.social/tags/webdev" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>webdev</span></a> <a href="https://mastodon.social/tags/nodejs" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>nodejs</span></a> <a href="https://mastodon.social/tags/npm" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>npm</span></a></p>
BastilleBSD :freebsd:<p>Are npm packages and dependencies an unmitigated disaster, or is it just me?</p><p><a href="https://fosstodon.org/tags/npm" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>npm</span></a> <a href="https://fosstodon.org/tags/dependencyhell" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>dependencyhell</span></a></p>
Linuxiac<p>Nginx Proxy Manager 2.12.4 lands with API schema fixes, performance improvements, and a batch of new DNS providers for Certbot plugin support.<br><a href="https://linuxiac.com/nginx-proxy-manager-2-12-4-released-with-certbot-enhancements/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">linuxiac.com/nginx-proxy-manag</span><span class="invisible">er-2-12-4-released-with-certbot-enhancements/</span></a></p><p><a href="https://mastodon.social/tags/nginx" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>nginx</span></a> <a href="https://mastodon.social/tags/npm" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>npm</span></a> <a href="https://mastodon.social/tags/proxy" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>proxy</span></a> <a href="https://mastodon.social/tags/opensource" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>opensource</span></a></p>
The New Oil<p>New wave of ‘fake interviews’ use 35 <a href="https://mastodon.thenewoil.org/tags/npm" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>npm</span></a> packages to spread <a href="https://mastodon.thenewoil.org/tags/malware" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>malware</span></a></p><p><a href="https://www.bleepingcomputer.com/news/security/new-wave-of-fake-interviews-use-35-npm-packages-to-spread-malware/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">bleepingcomputer.com/news/secu</span><span class="invisible">rity/new-wave-of-fake-interviews-use-35-npm-packages-to-spread-malware/</span></a></p><p><a href="https://mastodon.thenewoil.org/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cybersecurity</span></a> <a href="https://mastodon.thenewoil.org/tags/NorthKorea" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>NorthKorea</span></a> <a href="https://mastodon.thenewoil.org/tags/JobHunting" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>JobHunting</span></a></p>
Beπ<p>GoWM : Le Wasm Manager qui va Révolutionner tes Projets JavaScript ✨<br><a href="https://www.devbyben.fr/blog/gowm-le-wasm-manager-qui-va-revolutionner-tes-projets-javascript" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">devbyben.fr/blog/gowm-le-wasm-</span><span class="invisible">manager-qui-va-revolutionner-tes-projets-javascript</span></a> <a href="https://piaille.fr/tags/javascript" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>javascript</span></a> <a href="https://piaille.fr/tags/webassembly" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>webassembly</span></a> <a href="https://piaille.fr/tags/npm" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>npm</span></a> <a href="https://piaille.fr/tags/opensource" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>opensource</span></a></p>
Chris Wysopal<p>Are you reviewing your NPM dependancies for malicious code? <a href="https://infosec.exchange/tags/devsecops" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>devsecops</span></a> <a href="https://infosec.exchange/tags/appsec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>appsec</span></a> <a href="https://infosec.exchange/tags/npm" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>npm</span></a><br><a href="https://www.scworld.com/news/complex-npm-attack-uses-7-plus-layers-of-obfuscation-to-spread-pulsar-rat" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">scworld.com/news/complex-npm-a</span><span class="invisible">ttack-uses-7-plus-layers-of-obfuscation-to-spread-pulsar-rat</span></a></p>
The New Oil<p><a href="https://mastodon.thenewoil.org/tags/Malware" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Malware</span></a> found in <a href="https://mastodon.thenewoil.org/tags/NPM" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>NPM</span></a> packages with 1 million weekly downloads</p><p><a href="https://www.bleepingcomputer.com/news/security/supply-chain-attack-hits-gluestack-npm-packages-with-960k-weekly-downloads/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">bleepingcomputer.com/news/secu</span><span class="invisible">rity/supply-chain-attack-hits-gluestack-npm-packages-with-960k-weekly-downloads/</span></a></p><p><a href="https://mastodon.thenewoil.org/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cybersecurity</span></a></p>
The New Oil<p>Malicious <a href="https://mastodon.thenewoil.org/tags/npm" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>npm</span></a> packages posing as utilities delete project directories</p><p><a href="https://www.bleepingcomputer.com/news/security/malicious-npm-packages-posing-as-utilities-delete-project-directories/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">bleepingcomputer.com/news/secu</span><span class="invisible">rity/malicious-npm-packages-posing-as-utilities-delete-project-directories/</span></a></p><p><a href="https://mastodon.thenewoil.org/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cybersecurity</span></a></p>
Hackread.com<p>🚨 Hidden backdoors found in npm packages allow attackers to remotely wipe entire systems, raising serious supply chain security concerns. </p><p>Read: <a href="https://hackread.com/backdoors-npm-packages-attackers-wipe-systems/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">hackread.com/backdoors-npm-pac</span><span class="invisible">kages-attackers-wipe-systems/</span></a></p><p><a href="https://mstdn.social/tags/CyberSecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CyberSecurity</span></a> <a href="https://mstdn.social/tags/NPM" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>NPM</span></a> <a href="https://mstdn.social/tags/Malware" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Malware</span></a> <a href="https://mstdn.social/tags/Backdoor" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Backdoor</span></a> <a href="https://mstdn.social/tags/DevOps" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>DevOps</span></a></p>
Sam Stepanyan :verified: 🐘<p><a href="https://infosec.exchange/tags/NPM" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>NPM</span></a>: New Supply Chain <a href="https://infosec.exchange/tags/Malware" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Malware</span></a> Hits NPM and <a href="https://infosec.exchange/tags/PyPI" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>PyPI</span></a> Package Ecosystems. <a href="https://infosec.exchange/tags/ReactNative" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ReactNative</span></a>-Aria &amp; <a href="https://infosec.exchange/tags/GlueStack" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>GlueStack</span></a> packages with cumulative 1mln+ weekly downloads backdoored overnight - check your dependencies!<br><a href="https://infosec.exchange/tags/SoftwareSupplyChainSecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SoftwareSupplyChainSecurity</span></a><br>👇<br><a href="https://thehackernews.com/2025/06/new-supply-chain-malware-operation-hits.html" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">thehackernews.com/2025/06/new-</span><span class="invisible">supply-chain-malware-operation-hits.html</span></a></p>
Timo<p>New release of the Total-Serialism library for JavaScript with many bug fixes and updates is on github/npm!</p><p><a href="https://github.com/tmhglnd/total-serialism/releases/tag/v2.10.2" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">github.com/tmhglnd/total-seria</span><span class="invisible">lism/releases/tag/v2.10.2</span></a></p><p><a href="https://www.npmjs.com/package/total-serialism" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">npmjs.com/package/total-serial</span><span class="invisible">ism</span></a></p><p>total-serialism is a set of functions used for procedurally generating and transforming number sequences (mainly in the form of arrays). This library does not output anything else then numbers, but can therefore be integrated with frameworks like P5js, ToneJS, Node4Max, Hydra and any other javascript based project you want to generate arrays for.</p><p><a href="https://social.toplap.org/tags/algorithmicmusic" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>algorithmicmusic</span></a> <a href="https://social.toplap.org/tags/generativemusic" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>generativemusic</span></a> <a href="https://social.toplap.org/tags/javascript" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>javascript</span></a> <a href="https://social.toplap.org/tags/library" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>library</span></a> <a href="https://social.toplap.org/tags/npm" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>npm</span></a> <a href="https://social.toplap.org/tags/serialism" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>serialism</span></a> <a href="https://social.toplap.org/tags/algorithms" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>algorithms</span></a></p>