News

CoinDesk11h

Ethereum, Solana Wallets Targeted in Massive 'npm' Attack But Just 5 Cents Taken

The credential stealer harvested username, password, and 2FA codes before sending them to a remote host. With full access, ...
Cyber Security Intelligence22h

North Korean Hackers Evade Detection

N Korea's expert hackers use social engineering tactics to target job seekers in the cryptocurrency & blockchain sectors.

Compromised files replace npm packages with a combined 2 billion weekly downloads

The "biggest supply chain attack" in the history of npm took place recently, affecting almost two dozen packages.

This 2FA phishing scam pwned a developer - and endangered billions of npm downloads

A new digital supply chain attack has targeted popular open-source npm packages with at least two billion downloads per week. On Sept. 8, Josh Junon, a package maintainer whose account was at the ...
CSO Online12h

Massive npm supply chain attack hits 18 popular packages with 2B weekly downloads

Malware hidden in widely used libraries like chalk and debug hijacked crypto transactions via browser APIs, exposing deep ...
Developer Tech12h

Escalating npm supply chain malware attack drains crypto wallets

An escalating npm supply chain attack has compromised dozens of foundational JavaScript packages to spread malware and drain ...
InsideBitcoins15h

NPM Hack Puts 1 Billion Crypto Wallets At Risk As Ledger CTO Urges Users To Halt Transactions

An NPM supply chain attack has prompted Ledger Chief Technology Officer Charles Guillemet to urge crypto users to pause ...