News

Crypto stolen by hackers in largest NPM attack

The recent attack on the Node Package Manager (NPM) packages of a well-known developer, Josh Junon, known as "qix," has been ...

Massive npm hack poisons 18 packages with billions of downloads

Npm packages are reusable blocks of JavaScript code published to the Node Package Manager registry that developers can ...

Hackers hijack npm packages with 2 billion weekly downloads in supply chain attack

In a supply chain attack, attackers have injected malware into NPM packages with over 2.6 billion weekly downloads after ...

Hackers steal 3,325 secrets in GhostAction GitHub supply chain attack

A new supply chain attack on GitHub, dubbed 'GhostAction,' has compromised 3,325 secrets, including PyPI, npm, DockerHub, ...
Crypto News13h

“Avoid On-Chain Transactions”: Ledger CTO Issues Urgent Warning After JavaScript Attack

A JavaScript supply chain attack has delivered a crypto-clipper via 18 npm packages; Ledger’s CTO has warned ...
Krebs on Security11h

18 Popular Code Packages Hacked, Rigged to Steal Crypto

At least 18 popular JavaScript code packages that are collectively downloaded more than two billion times each week were briefly compromised with malicious software today, after a developer involved ...