JavaScript packages with billions of downloads were compromised by an unknown threat actor looking to steal cryptocurrency.

NPM supply chain attack compromised 18 popular JavaScript packages, swapping crypto wallet addresses, but quick detection ...

Hackers launched the largest NPM crypto attack in history and compromised 18 JavaScript packages with billions of downloads.

A major supply chain attack on the NPM repository briefly threatened crypto users worldwide. Malicious code was pushed into ...

Ledger CTO warns of supply chain cyberattack on JavaScript packages used by over a billion users. Hardware wallets remain ...

Ledger CTO cautions users to halt crypto transactions due to a mass NPM attack that hijacks wallets and loots money.

An escalating npm supply chain attack has compromised dozens of foundational JavaScript packages to spread malware and drain ...

According to Guillemet, the malicious code — already pushed into packages with over 1 billion downloads — is designed to ...

Hackers are sharing malicious SVG files which spoof real-life websites in order to trick victims into downloading damaging ...

On September 8, 2025, a single phishing email triggered one of npm’s most damaging supply chain attacks, compromising 18 ...

An NPM supply chain attack has prompted Ledger Chief Technology Officer Charles Guillemet to urge crypto users to pause ...

During the two-hour window on Monday in which hijacked npm versions were available for download, malware-laced packages ...