A new batch of malicious JavaScript libraries has been found in NPM's package repository.

The Tidyverse Blog offers insights, tutorials, and updates on the Tidyverse, a collection of R packages for data science and statistical computing. Covering topics such as data manipulation, visualization, and analysis, the blog provides resources for R developers looking to leverage the power of the Tidyverse for their data projects. Developers can learn how to use Tidyverse packages effectively to clean, transform, and analyze data in R.

The Hacker News

25 malicious JavaScript libraries have made their way to the official NPM package registry. The libraries leveraged typosquatting techniques and masqueraded as other legitimate packages. Two rogue packages, named markedjs and crypto-standarts, stand out for their role as duplicate trojan packages.

25 Malicious JavaScript Libraries Distributed via Official NPM Package Repository