TECH NEWS

Npm registry sets stage for more secure package publishing

AI + ML

All the world's a stage, and all the packages are merely players

GitHub's npm package registry has rolled out a publishing approval step to prevent the distribution of compromised packages before they can poison the software supply chain.

Modern software development relies on imported bundles of code known as packages (and sometimes libraries or modules). In the past decade or so, miscreants have focused on gaining access to the accounts of package maintainers. Subverting a widely used package offers a fast track to malware distribution.

Last December, amid the Shai-Hulud 2.0 campaign that compromised software packages, GitHub described a series of planned security measures intended to harden security for npm package publishers.

One of the measures, staged publishing, has now been implemented. GitHub on Wednesday merged npm stage into npm CLI (v11.15.0) and has updated the registry documentation that describes the process.

Staged publishing might...

Copyright of this story solely belongs to theregister.com. To see the full text click HERE

https://media.wired.com/photos/6a0e2350a38dc9cb19f6761a/191:100/w_1280,c_limit/Best%20Air%20Conditioners%20top%20art%20052026%20SOURCE%20Amazon.jpg

Best Window Air Conditioners of 2026: Midea, Zafro, GE

* Photograph: Chris Null * Photograph: Chris Null Optima Series 12,000 BTU 23 SEER2 Ultra Heat Mini-Split AC Heat pump technology keeps getting more accessible, which is terrific: It's far more efficient than air conditioner technology as a means of heating and cooling the house. I'm still

https://platform.theverge.com/wp-content/uploads/sites/2/2026/05/firefox-project-nova-hero.png?quality=90&strip=all&crop=0%2C3.4613147178592%2C100%2C93.077370564282&w=1200

Firefox is working on a rounded redesign with easy-to-find controls for privacy and AI

Stevie Bonifield is a news writer covering all things consumer tech. Stevie started out at Laptop Mag writing news and reviews on hardware, gaming, and AI. Firefox is getting a drastic visual overhaul with a redesigned Settings section that will make it easier to find and use privacy settings, including

https://image.theregister.com/5244497.jpg?imageId=5244497&x=0&y=0&cropw=100&croph=100&panox=0&panoy=0&panow=100&panoh=100&width=1200&height=683

HackerOne takes an axe to its bug bounty rewards

Finding vulns just doesn't pay like it used to. At least one bug hunter who found an open source security flaw and reported it months ago via HackerOne’s backlogged Internet Bug Bounty (IBB) program finally got paid for his work - but at a drastically reduced reward

https://imgproxy.divecdn.com/aUCvjOogge_9TpkN0fuDVkQB_6cIQv-rsO8mCJar3r0/g:ce/rs:fit:770:435/Z3M6Ly9kaXZlc2l0ZS1zdG9yYWdlL2RpdmVpbWFnZS9jaW9fck5COU1uRC5qcGc=.webp

CIOs need a people strategy for AI to scale

CAMBRIDGE, Mass. — CIOs are well-versed in the interconnected dependencies of people, process and technology. These days, AI is compressing all three areas of the classic framework — challenging business operating models and pushing CIOs out of their technology orientation as they tackle a broader remit. “At the end of the day,

Read more

Best Window Air Conditioners of 2026: Midea, Zafro, GE

Firefox is working on a rounded redesign with easy-to-find controls for privacy and AI

HackerOne takes an axe to its bug bounty rewards

CIOs need a people strategy for AI to scale