News

Ledger CTO warns of shocking NPM attacks by crypto hackers

Charles Guillemet, CTO at the crypto wallet platform Ledger, warned the crypto community to be cautious while executing ...
CoinDesk1h

Ethereum, Solana Wallets Targeted in Massive 'npm' Attack But Just 5 Cents Taken

The credential stealer harvested username, password, and 2FA codes before sending them to a remote host. With full access, ...

Software packages with more than 2 billion weekly downloads hit in supply-chain attack

Hackers planted malicious code in open source software packages with more than 2 billion weekly updates in what is likely to ...

Phishing attack nets enormous npm supply chain compromise

A successful phishing attack against a developer has resulted in one of the largest supply chain compromises to date, adding ...
The Hacker News5d

Malicious npm Packages Exploit Ethereum Smart Contracts to Target Crypto Developers

Two npm packages hide downloader commands via Ethereum smart contracts; uploaded July 2025; targeting crypto developers.
Crypto News5d

Hackers Exploit Ethereum to Inject Malware in Popular Coding Libraries

Hackers are exploiting Ethereum smart contracts to inject malware into popular NPM coding libraries, using packages to run ...

AI-powered malware hit 2,180 GitHub accounts in “s1ngularity” attack

Investigations into the Nx "s1ngularity" NPM supply chain attack have unveiled a massive fallout, with thousands of account ...
CSO Online5d

Malicious npm packages use Ethereum blockchain for malware delivery

Ethereum smart contracts used to hide URL to secondary malware payloads in an attack chain triggered by a malicious GitHub ...
ZDNet6y

npm bans terminal ads - ZDNET

After last week a popular JavaScript library started showing full-blown ads in the npm command-line interface, npm, Inc., the company that runs the npm tool and website, has taken a stance and ...