npm package security

BigTech Companies

19 Malicious Visual Studio Code Extensions Uncovered

December 12, 2025
Red chess knight piece surrounded by digital network and binary code.

A malicious campaign used 19 Visual Studio Code extensions to hide malware, often by embedding a tampered npm package or…

Read More »
Business

Secure SDLC: A Manufacturer’s Critical Defense

December 11, 2025
Automated factory line assembling electric vehicle chassis with robotic arms.

The Jaguar Land Rover cyberattack was a catastrophic manufacturing breach that halted production, caused billions in economic damage, and forced…

Read More »
Artificial Intelligence

Critical RCE Flaw Found in Popular expr-eval JavaScript Library

November 11, 2025
The NPM logo in white text within a red box against a dark blue and black gradient background.

A critical remote code execution vulnerability (CVE-2025-12735) has been found in the widely used expr-eval JavaScript library, affecting over 800,000…

Read More »