New npm supply-chain attack self-spreads to steal auth tokens

A new supply chain attack targeting the Node Package Manager (npm) ecosystem is stealing developer credentials and attempting to spread through packages published from compromised accounts.
Visual Studio Magazine

TypeScript 7.0 Beta Arrives on Go-Based Foundation With 10x Speed Claim

Microsoft on Tuesday announced TypeScript 7.0 Beta, marking the public beta debut of the company's Go-based rework of the language's compiler and tooling stack. The release is pos ...
Packaging World

Packaging Under Pressure: Testing, Sustainability, and the New Supply Chain Reality

Eric Hiser, ISTA (00:46): Yeah, Eric Hiser. And I'm on staff at ISTA. I work with our members in the industry to update and ...