News

JavaScript packages with billions of downloads were injected with malicious code in world's largest supply chain hack, geared to steal crypto — a phishing …

JavaScript packages with billions of downloads were compromised by an unknown threat actor looking to steal cryptocurrency.

Malware Injected Into Code Packages That Get 2 Billion+ Downloads Each Week

An attack targeting the Node.js ecosystem was just identified — but not before it compromised 18 npm packages that account ...

'Widespread' Crypto Exploit That Created Panic Steals Only $1K From Users

The "largest npm compromise in history" targeting crypto wallets through JavaScript packages has netted hackers just $1,043.

Exclusive: 'We will see more attacks' Ledger CTO warns after NPM breach

Charles Guillemet says a phishing-led supply-chain breach could have become a systemic disaster for crypto users.

Breach of npm threatens billions of weekly downloads in JavaScript ecosystem

Earlier this week, the Npm package manager suffered what may be its worst security incident to date. Unknown cybercriminals ...
Krebs on Security2d

18 Popular Code Packages Hacked, Rigged to Steal Crypto

At least 18 popular JavaScript code packages that are collectively downloaded more than two billion times each week were briefly compromised with malicious software today, after a developer involved ...
Security Boulevard8m

How npm Security Collapsed Thanks To a 2FA Exploit

Billions (No, that's not a typo, Billions with a capital B) of files were potentially compromised. If you thought Node Package Manager (npm), the Billions of downloads were potentially compromised ...
Cyber Daily1d

18 popular JavaScript code packages hacked to spread malware

Multiple npm packages have been compromised by a phishing attack in an attempt to spread crypto malware to billions of ...
InfoWorld15h

9 vital concepts of modern JavaScript

JavaScript is a sprawling and ever-changing behemoth, and may be the single-most connective piece of web technology. From AI ...