News

Krebs on Security17h

18 Popular Code Packages Hacked, Rigged to Steal Crypto

At least 18 popular JavaScript code packages that are collectively downloaded more than two billion times each week were briefly compromised with malicious software today, after a developer involved ...

Massive npm hack poisons 18 packages with billions of downloads

Npm packages are reusable blocks of JavaScript code published to the Node Package Manager registry that developers can ...

Ledger CTO warns of shocking NPM attacks by crypto hackers

The two exploited NPM packages, both uploaded in July, are: colortoolsv2. mimelib2. The dangerous code allowed the malware to evade security detection and ask for the next-stage p ...

Google Chrome users alert! Hackers can steal your sensitive data if you don’t do this

Govt has issued a warning for vulnerabilities in Google Chrome that could allow remote attackers to execute arbitrary code ...
Techrights5h

Links 09/09/2025: “Torrents of Hate” and Political Crisis in France

The 'Scattered Lapsus$ Hunters' group has taken credit for the cyberattack on JLR. The luxury brand, which the Tata Group ...

Korean Hyundai workers arrested in immigration raid had special skills for short-term jobs, attorney says

Daniela Rodriguez, executive director of Migrant Equity Southeast, said immigrants from Mexico, Guatemala, Colombia, Chile, ...

Software packages with more than 2 billion weekly downloads hit in supply-chain attack

Hackers planted malicious code in open source software packages with more than 2 billion weekly updates in what is likely to ...
InfoWorld19h

Groovy 5 expands Java and JDK support

Latest release of the JVM language also features hundreds of new and improved extension methods including 10x faster arrays.
Infosecurity Magazine4h

Open Source Community Thwarts Massive npm Supply Chain Attack

What could have been a historic supply chain attack seems to have been averted due to the rapid response of the open source ...