ANOVA con JavaScript: desde la teoría a las herramientas
ANOVA en JavaScript explicado: supuestos, pasos, librerías y herramientas online con ejemplos claros. Contrasta medias con rigor.
npm
Kaspersky finds AdaptixC2 spread via npm typosquatting
Kaspersky found AdaptixC2 delivered via a fake npm package. See tactics, IoCs, and how to cut supply chain risk.
Shai-Hulud worm infects npm packages: a deep dive into the supply-chain incident
A self-spreading npm worm stole secrets and republished packages. See how it works, who’s impacted, key IoCs, and steps to protect your pipeline.
npm security under pressure: wormable attacks, maintainer phishing, and GitHub’s tightened rules
Active npm attacks prompt GitHub to require 2FA, short-lived tokens, and trusted publishing. Learn what happened and how to protect your projects.
Shai-Hulud npm supply-chain worm hits hundreds of projects
Self-propagating npm attack “Shai-Hulud” compromised 187+ packages, stealing CI/CD secrets. Learn its impact, origin, and key steps to stay secure.
Widespread NPM Supply Chain Attack Shakes the JavaScript Ecosystem
Mass NPM supply-chain breach hit 4,500+ projects. Stealth payloads, minimal theft so far. Key risks, indicators, and mitigations explained.
Attackers abused Ethereum smart contracts to hide npm malware, ReversingLabs finds
Npm packages used an Ethereum smart contract to fetch C2 URLs and evade detection. Learn how it worked, the GitHub angle, and key IoCs.
Attackers abused Ethereum smart contracts to hide npm malware, ReversingLabs finds
ReversingLabs uncovers npm packages using an Ethereum contract to fetch C2 URLs and deliver second-stage malware. See how it worked and the IoCs.
Malicious npm packages used Ethereum smart contracts to conceal payload links
Two npm packages used Ethereum smart contracts to mask C2 links, tied to fake GitHub repos. See IoCs and how developers can reduce risk.