News

The Hacker News14h

20 Popular npm Packages With 2 Billion Weekly Downloads Compromised in Supply Chain Attack

According to ReversingLabs' 2025 Software Supply Chain Security Report, 14 of the 23 crypto-related malicious campaigns in ...

Google Updates Gemini App With Audio File Uploading Capability, Announced Rate Limits

Those on the free tier of Gemini can upload a maximum of 10 minutes of audio and get access to five free prompts per day, as ...
CoinDesk7h

Ethereum, Solana Wallets Targeted in Massive 'npm' Attack But Just 5 Cents Taken

The credential stealer harvested username, password, and 2FA codes before sending them to a remote host. With full access, ...
CSO Online8h

Massive npm supply chain attack hits 18 popular packages with 2B weekly downloads

Malware hidden in widely used libraries like chalk and debug hijacked crypto transactions via browser APIs, exposing deep ...

Compromised files replace npm packages with a combined 2 billion weekly downloads

The "biggest supply chain attack" in the history of npm took place recently, affecting almost two dozen packages.