GitHub pulls pin on npm's auto-run scripts

The Register
Jun 10, 2026, 9:11 am53 pts
GitHub will change npm's defaults so the install command no longer runs scripts automatically, disabling a feature commonly exploited by malicious packages such as the notorious Shai-Hulud worm. Maintainer Leo Balter said: "Install-time lifecycle scripts are the single largest code-execution surface in the npm…

Read Article Share
Share Article
- email
- x.com
- facebook
- pocket
- reddit
- tumblr
- linkedin
- pinterest

Trending Today on Tech News Tube

Martian mocha, anyone? This futuristic coffee machine uses NASA data to give you a taste of 3 different brews from the next 100 years

TechRadar

Martian mocha, anyone? This futuristic coffee machine uses NASA data to give you a taste of 3 different brews from the next 100 years 125

Somehow Samsung's 55-inch The Frame QLED TV is still in stock and on sale for just $697.99 for Prime Day — get it before the sale ends tonight

TechRadar

Somehow Samsung's 55-inch The Frame QLED TV is still in stock and on sale for just $697.99 for Prime Day — get it before the sale ends tonight 118

‘Lee Cronin’s The Mummy’ Sinks Its Teeth Into HBO Max Next Week

Gizmodo

‘Lee Cronin’s The Mummy’ Sinks Its Teeth Into HBO Max Next Week 116

Google wants AI regulation, but on its own terms

The Register

Google wants AI regulation, but on its own terms 116

Ford had to rehire 350 engineers after its AI got vehicle quality wrong

The Next Web

Ford had to rehire 350 engineers after its AI got vehicle quality wrong 116

Trump Is Threatening 100% Tariffs Again, This Time as Retaliation for Taxes on Big Tech

Gizmodo

Trump Is Threatening 100% Tariffs Again, This Time as Retaliation for Taxes on Big Tech 116

How to See the Giant Asteroid That Will Pass by Earth This Weekend

Wired

How to See the Giant Asteroid That Will Pass by Earth This Weekend 115

Netflix’s ‘The Ribbon Hero’ Anime Looks Wildly Different From Osamu Tezuka’s Classic Manga

Gizmodo

Netflix’s ‘The Ribbon Hero’ Anime Looks Wildly Different From Osamu Tezuka’s Classic Manga 114

About Tech News Tube

Tech News Tube is a real time news feed of the latest technology news headlines.

Follow all of the top tech sites in one place, on the web or your mobile device.

Featured

Asian AI startups launch Mythos-like…

Asian AI startups launch Mythos-like models as Anthropic’s export ban drags on

RAM crisis provokes enthusiast to try…

RAM crisis provokes enthusiast to try Windows 11 on DDR1-era hardware — other…

Apple is reportedly looking to buy chips…

Apple is reportedly looking to buy chips from a US-blacklisted Chinese company

NASA tests AI medic for astronauts too…

NASA tests AI medic for astronauts too far from Earth to call a doctor

US clears Anthropic to restore Mythos 5…

US clears Anthropic to restore Mythos 5 to a small group of cyber defenders, but…

Octopus Energy just announced 30kWh home…

Octopus Energy just announced 30kWh home batteries to compete with Tesla…

The Tata Electronics leak is…

The Tata Electronics leak is overwhelmingly an Apple data set, file index shows

ICYMI: the 7 biggest tech stories of the…

ICYMI: the 7 biggest tech stories of the week, from GTA 6 pre-orders to our Oura…

Apple executive in charge of Vision Pro…

Apple executive in charge of Vision Pro is reportedly leaving for OpenAI

It's looking like a hot, messy summer…

It's looking like a hot, messy summer for security teams as AI finds countless…