JavaScript developers recently got a reminder just how fragile the trust model is with the news that 39 malicious packages were removed from npm, the Node.js package management registry.

The security team behind the "npm" repository for JavaScript libraries removed two npm packages this Monday for containing malicious code that installed a remote access trojan (RAT) on the ...

Jan 18, 01:43 AM ET: The functional versions of the 'faker' project were forked and are now being maintained by a separate team of open source volunteers at fakerjs.dev, who have released a statement.

Meta is transferring its popular open-source JavaScript testing framework, Jest, to the OpenJS Foundation. Jest is one of Meta's top open-source projects and has proven a popular tool for testing ...