Bitwarden CLI npm package compromised to steal developer credentials

The Bitwarden CLI was briefly compromised after attackers uploaded a malicious @bitwarden/cli package to npm containing a credential-stealing payload capable of spreading to other projects.

Firefox 150 turns its PDF viewer into a real PDF editor

Firefox 150 adds page reordering, exporting, and image saving to its built-in PDF viewer, plus split-view improvements and ...
Hosted on MSN

Firefox 150 enhances PDF tools as Anthropic limits AI release

Mozilla has rolled out Firefox 150 with expanded PDF editing features, improved split-screen navigation, and fixes for dozens of security vulnerabilities. The update also brings enhancements to ...
InfoWorld

Malicious pgserve, automagik developer tools found in npm registry

Fake packages aim to steal data, credentials, and secrets, and to infect every package created using them, in what could be ...
GitHub

OlofFredriksson/find-package-imports

includeImportRegexp (RegExp, optional): Only include imports that match this regular expression. excludeImportRegexp (RegExp, optional): Exclude imports that match this regular expression.
Bleeping Computer

Hackers compromise Axios npm package to drop cross-platform malware

Hackers hijacked the npm account of the Axios package, a JavaScript HTTP client with 100M+ weekly downloads, to deliver remote access trojans to Linux, Windows, and macOS systems. One malicious ...
Daily Tech News Show

Popular JavaScript Package Axios Gets Compromised – DTNS 5237

Meta adds two new Ray-Ban frames meant to make them more prescription-lens friendly, and Samsung’s new app plays ultra-low frequencies into most earbuds to help reduce motion sickness.
GitHub

louiss0/javascript-package-delegator

This eliminates the need to remember different commands or continuously switch between package managers when collaborating in diverse teams or managing multiple projects. jpd provides a unified ...