资讯

Decrypt1 天

Researchers Uncover Undetectable Malware Draining Crypto Browser Wallets

Security firm Mosyle has disclosed ModStealer, a cross-platform malware that evades antivirus software and targets browser ...

Malware Injected Into Code Packages That Get 2 Billion+ Downloads Each Week

An attack targeting the Node.js ecosystem was just identified — but not before it compromised 18 npm packages that account ...

JavaScript packages with billions of downloads were injected with malicious code in world's ...

JavaScript packages with billions of downloads were compromised by an unknown threat actor looking to steal cryptocurrency.
CoinDesk3 天

Ethereum, Solana Wallets Targeted in Massive 'npm' Attack But Just 5 Cents Taken

The credential stealer harvested username, password, and 2FA codes before sending them to a remote host. With full access, ...

Major attack on node.js

A cryptocurrency thief got into the npm account of a hard-working developer via spearphishing. node.js packages with billions ...

This 2FA phishing scam pwned a developer - and endangered billions of npm downloads

A new digital supply chain attack has targeted popular open-source npm packages with at least two billion downloads per week. On Sept. 8, Josh Junon, a package maintainer whose account was at the ...