News

Blockonomi9h

JavaScript Libraries with 2 Billion Weekly Downloads Targeted in Crypto Theft Attempt

NPM supply chain attack compromised 18 popular JavaScript packages, swapping crypto wallet addresses, but quick detection ...
The Hacker News13h

20 Popular npm Packages With 2 Billion Weekly Downloads Compromised in Supply Chain Attack

According to ReversingLabs' 2025 Software Supply Chain Security Report, 14 of the 23 crypto-related malicious campaigns in ...

This 2FA phishing scam pwned a developer - and endangered billions of npm downloads

A new digital supply chain attack has targeted popular open-source npm packages with at least two billion downloads per week. On Sept. 8, Josh Junon, a package maintainer whose account was at the ...

Crypto users urged to take extreme care as NPM attack hits core JavaScript libraries

Hackers hijacked NPM libraries in a massive supply chain attack, injecting malware that swaps crypto wallet addresses to ...
PCMag on MSN23h

Hacker Pwns Programmer, Infects Widely Used Software With Malware

The malware was found in 18 npm packages that together are usually downloaded over 2 billion times per week. But the security ...