npm package - Robuta Search

https://www.contextractor.com/help/npm/ Contextractor npm package — command-line content extraction 🧰 Apr 14, 2026 - Install Contextractor via npm and extract clean content from websites. Full command reference, config file options, and extraction settings. 🔧🛠 npm package command line content extraction https://www.aikido.dev/blog/npm-malware-g-wagon-python-stealer-crypto-wallets G_Wagon: npm Package Deploys Python Stealer Targeting 100+ Crypto Wallets Jan 28, 2026 - npm package ansi-universal-ui delivers GWagon infostealer targeting 100+ crypto wallets, browser credentials, and cloud keys. We analyzed all 10 versions as... npm package crypto wallets wagon python targeting https://safedep.io/malicious-forge-jsx-npm-rat/ forge-jsx npm Package: Purpose-Built Multi-Platform RAT - Real-time Open Source Software Supply... forge-jsx poses as an Autodesk Forge SDK on npm. On install it deploys a system-wide keylogger, recursive .env file scanner, shell history exfiltrator, and a... open source software npm package real time forge jsx https://bundlejs.com/?q=%40solid-primitives%2Fmouse&treeshake=%5B%7BcreateMousePosition%7D%5D&config=%7B%22esbuild%22%3A%7B%7D%7D bundlejs - Online bundler + npm package size checker A quick and easy way to bundle, minify, and compress (gzip and brotli) your ts, js, jsx and npm projects all online, with the bundle file size. npm package online bundler size checker https://bundlephobia.com/blog Bundlephobia ❘ cost of adding a npm package npm package cost adding https://forgejo.org/docs/latest/user/packages/npm/ npm Package Registry | Forgejo – Beyond coding. We forge. npm package registry forgejo beyond coding https://research.jfrog.com/post/ghostclaw-unmasked/ GhostClaw Unmasked: A Malicious npm Package Impersonating OpenClaw to Steal Everything - JFrog... The JFrog Security research team has identified a malicious npm package named @openclaw-ai/openclawai. This package masquerades as a legitimate CLI tool called npm package unmasked openclaw steal everything https://bundlejs.com/?q=%40solid-primitives%2Fwebsocket&treeshake=%5B%7BmakeWS%7D%5D&config=%7B%22esbuild%22%3A%7B%7D%7D bundlejs - Online bundler + npm package size checker A quick and easy way to bundle, minify, and compress (gzip and brotli) your ts, js, jsx and npm projects all online, with the bundle file size. npm package online bundler size checker https://pkg-size.dev/ pkg-size | Find the true size of a npm package Find the true size of an npm package npm package pkg size find true https://www.spartechsoftware.com/cybersecurity-news/ai-generated-malicious-npm-package-targets-solana-wallets-drains-crypto-from-1500-users-before-being-taken-down/ AI-generated malicious npm package targets Solana wallets. Drains crypto from 1,500 users before... Aug 1, 2025 - A newly discovered, AI-generated malicious npm package targeting Solana wallet users has resulted in significant cryptocurrency losses before it was taken... ai generated npm package 500 users targets solana https://bundlejs.com/ bundlejs - Online bundler + npm package size checker A quick and easy way to bundle, minify, and compress (gzip and brotli) your ts, js, jsx and npm projects all online, with the bundle file size. npm package online bundler size checker https://safedep.io/malicious-js-logger-pack-npm-stealer/ Malicious npm Package js-logger-pack Ships a Multi-Platform WebSocket Stealer - Real-time Open... js-logger-pack spent three weeks on npm evolving from a probe into a full infostealer and then a binary dropper. Early versions installed an SSH backdoor,... npm package real time js logger ships https://bundlejs.com/?q=%40solid-primitives%2Fcontext&treeshake=%5B%7BMultiProvider%7D%5D&config=%7B%22esbuild%22%3A%7B%7D%7D bundlejs - Online bundler + npm package size checker A quick and easy way to bundle, minify, and compress (gzip and brotli) your ts, js, jsx and npm projects all online, with the bundle file size. npm package online bundler size checker https://gitlab.com/eyeo/browser-extensions-and-premium/extensions/extensions/-/commit/3d7329f3bdee4f0425b27f052eac4df3fb1fddb3 build: Pinned npm package versions (3d7329f3) · Commits · eyeo / Browser Extensions and Premium /... ## Context npm is commonly used as an attack vector by introducing malicious packages somewhere in the dependency chain. For this reason we do have... npm package browser extensions build pinned versions https://bundlejs.com/?q=%40solid-primitives%2Fhistory&treeshake=%5B%7BcreateUndoHistory%7D%5D&config=%7B%22esbuild%22%3A%7B%7D%7D bundlejs - Online bundler + npm package size checker A quick and easy way to bundle, minify, and compress (gzip and brotli) your ts, js, jsx and npm projects all online, with the bundle file size. npm package online bundler size checker https://www.infoworld.com/article/4135459/compromised-npm-package-silently-installs-openclaw-on-developer-machines-2.html Compromised npm package silently installs OpenClaw on developer machines | InfoWorld Feb 23, 2026 - While the AI itself wasn’t weaponized, the technique raises concerns about AI agents with broad system access. npm package compromised installs openclaw developer https://bundlejs.com/?q=%40floating-ui%2Fdom&treeshake=%5B%7B%0A++computePosition%2Cshift%2ClimitShift%2Cflip%2Chide%2Coffset%2Carrow%2CautoPlacement%2Csize%2Cinline%2CautoUpdate%0A%7D%5D&config=%7B%22compression%22%3A%22brotli%22%7D bundlejs - Online bundler + npm package size checker A quick and easy way to bundle, minify, and compress (gzip and brotli) your ts, js, jsx and npm projects all online, with the bundle file size. npm package online bundler size checker https://www.trendmicro.com/en_us/research/26/c/axios-npm-package-compromised.html Axios NPM Package Compromised: Supply Chain Attack Hits JavaScript HTTP Client with 100M+ Weekly... supply chain attack npm package http client axios compromised https://nodejs.org/learn/getting-started/an-introduction-to-the-npm-package-manager An introduction to the npm package manager | Node.js Learn an introduction npm package node js manager learn https://www.csoonline.com/article/4135449/compromised-npm-package-silently-installs-openclaw-on-developer-machines.html Compromised npm package silently installs OpenClaw on developer machines | CSO Online Feb 20, 2026 - While the AI itself wasn’t weaponized, the technique raises concerns about AI agents with broad system access. npm package cso online compromised installs openclaw https://safedep.io/malicious-npm-mgc-compromised-rat/ Compromised npm Package mgc Deploys Multi-Platform RAT - Real-time Open Source Software Supply... The npm package mgc was compromised via account takeover, with four malicious versions published in rapid succession deploying a full Remote Access Trojan... open source software npm package real time compromised mgc https://npmx.dev/ npmx - Package Browser for the npm Registry a fast, modern browser for the npm registry. Search, browse, and explore packages with a modern interface. npmx package browser registry https://www.sonatype.com/blog/axios-compromise-on-npm-introduces-hidden-malicious-package Axios Compromise on npm Introduces Hidden Malicious Package Apr 2, 2026 - Malicious axios versions introduced a hidden dependency, exposing systems via npm supply chain attack, targeting trusted packages and dependencies. axios compromise npm introduces hidden https://blackthorn-vision.com/blog/yarn-vs-npm-deciding-on-the-best-package-manager/ Yarn vs NPM: Choosing the Right Package Manager Differences between Yarn and NPM, the two popular JavaScript package managers. Speed, security, and features compared. the right package manager yarn vs npm https://npmtrends.com/ npm trends: Compare NPM package downloads Which NPM package should you use? Compare packages download stats, bundle sizes, github stars and more. Spot trends, pick the winner. npm trends compare package downloads https://blog.npmjs.org/post/147012483540/package-tarball-read-outage-today.html npm Blog Archive: package tarball read outage today npm Blog (Archive); updates from the npm team are now published on the GitHub Blog and the GitHub Changelog blog archive npm package tarball read https://www.infoworld.com/article/4122299/unplugged-holes-in-the-npm-and-yarn-package-managers-could-let-attackers-bypass-defenses-against-shai-hulud.html Unplugged holes in the npm and yarn package managers could let attackers bypass defenses against... Jan 26, 2026 - A researcher at Koi Security says the two key platforms have not plugged the vulnerabilities enabling the worm attacks, and ‘the JavaScript ecosystem deserves... in the package managers unplugged holes npm