A monthly overview of things you need to know as an architect or aspiring architect. Unlock the full InfoQ experience by logging in! Stay updated with your favorite authors and topics, engage with ...

Security teams are grappling with a major supply chain attack on Axios, a popular JavaScript library with over 100 million weekly downloads. The North Korean state actor Sapphire Sleet compromised the ...

Half a dozen vulnerabilities in the JavaScript ecosystem’s leading package managers — including NPM, PNPM, VLT, and Bun — could be exploited to bypass supply chain attack protections, according to ...

HBBFT is the first practical asynchronous BFT consensus algorithm. DMD Diamond is the first blockchain to combine this cooperative consensus with EVM compatibility. In DMD’s HBBFT implementation, ...

What Happened in the Shai Hulud JavaScript Attack? A major JavaScript supply-chain attack has compromised more than 400 NPM packages — including at least 10 widely used across the crypto ecosystem — ...

The notification arrived on September 14, 2025, at 17:58 UTC. Somewhere in the sprawling npm registry—home to 2.5 million JavaScript packages that power everything from banking apps to smart ...

In a supply chain attack, attackers injected malware into NPM packages with over 2.6 billion weekly downloads after compromising a maintainer's account in a phishing attack. In the emails, the ...

A large-scale supply chain attack on the JavaScript ecosystem has prompted an urgent warning from Ledger’s chief technology officer, Charles Guillemet, who advised users without hardware wallets to ...