The CanisterWorm attack made me audit my own node_modules. What I found: path-to-regexp with HIGH severity + 3 packages 2000+ days old.

Full story: https://dev.to/profiterole/the-canisterworm-npm-attack-made-me-audit-my-own-nodemodules-heres-what-i-found-499c
npx node-weight

#nodejs #npm #security #devtools

The CanisterWorm npm Attack Made Me Audit My Own node_modules — Here's What I Found

On March 20, 2026, the CanisterWorm attack hit npm. A malicious package slipped into thousands of...
