News

Malware Injected Into Code Packages That Get 2 Billion+ Downloads Each Week

An attack targeting the Node.js ecosystem was just identified — but not before it compromised 18 npm packages that account ...
CSO Online2d

Massive npm supply chain attack hits 18 popular packages with 2B weekly downloads

Malware hidden in widely used libraries like chalk and debug hijacked crypto transactions via browser APIs, exposing deep ...
CryptoNewsZ2d

npm “debug” Attack Fails, Ledger CTO Confirms Minimal Impact

"debug" package attack failed; malicious update detected early, minimal impact. Developers urged to check their installations ...
Cyber Daily2d

18 popular JavaScript code packages hacked to spread malware

Multiple npm packages have been compromised by a phishing attack in an attempt to spread crypto malware to billions of victims.
Crypto News2d

“Avoid On-Chain Transactions”: Ledger CTO Issues Urgent Warning After JavaScript Attack

A JavaScript supply chain attack has delivered a crypto-clipper via 18 npm packages; Ledger’s CTO has warned ...

Software packages with more than 2 billion weekly downloads hit in supply-chain attack

Hackers planted malicious code in open source software packages with more than 2 billion weekly updates in what is likely to ...

Largest supply chain attack in history targets crypto users through compromised JavaScript packages

A new cyberattack is silently targeting crypto from users during transactions amid an incident that security researchers ...

Hackers hijack npm packages with 2 billion weekly downloads in supply chain attack

In a supply chain attack, attackers injected malware into NPM packages with over 2.6 billion weekly downloads after ...