The Hacker News

Over 67,000 Fake npm Packages Flood Registry in Worm-Like Spam Attack

The coordinated campaign has so far published as many as 46,484 packages, according to SourceCodeRED security researcher Paul ...
InfoWorld

Worm flooding npm registry with token stealers still isn’t under control

Goal is to steal Tea tokens by inflating package downloads, possibly for profit when the system can be monetized.
Security Boulevard

Improving Single Sign-On Experiences with OpenID Connect and SCIM

Learn how to improve single sign-on (SSO) experiences using OpenID Connect (OIDC) and SCIM for streamlined authentication and user management.