News
Threat actors injected malicious code into multiple popular NPM packages after their maintainers fell for a well-crafted ...
The Register on MSN2d
More packages poisoned in npm attack, but would-be crypto thieves left pocket change
Miscreants cost victims time rather than money During the two-hour window on Monday in which hijacked npm versions were ...
The largest supply-chain compromise in the history of the NPM ecosystem has impacted roughly 10% of all cloud environments, ...
3don MSN
How to stay safe if you’re using MetaMask, Phantom, Trust or any crypto wallet from NPM attack
Note: If you’re using MetaMask, Phantom, Trust Wallet, or any crypto app, the advice is simple, take your time, check every ...
JavaScript packages with billions of downloads were compromised by an unknown threat actor looking to steal cryptocurrency.
An attack targeting the Node.js ecosystem was just identified — but not before it compromised 18 npm packages that account ...
Security experts have warned that a newly discovered supply chain attack targeting npm packages is still active and may ...
At least 18 popular JavaScript code packages that are collectively downloaded more than two billion times each week were briefly compromised with malicious software today, after a developer involved ...
Cryptopolitan on MSN3d
NPM attack drains only $500 worth of meme coins
The supply chain npm attack did not steal millions in crypto, despite initial fears. The wallets used in the attack only ...
On September 8, 2025, a single phishing email triggered one of npm’s most damaging supply chain attacks, compromising 18 ...
Charles Guillemet, CTO at the crypto wallet platform Ledger, warned the crypto community to be cautious while executing ...
The credential stealer harvested username, password, and 2FA codes before sending them to a remote host. With full access, ...
Some results have been hidden because they may be inaccessible to you
Show inaccessible results
Feedback