Charles Guillemet, CTO at the crypto wallet platform Ledger, warned the crypto community to be cautious while executing ...

Popular npm packages debug, chalk, and others hijacked in massive supply chain attack Crims have added backdoors to at least ...

New malware distribution technique on npm uses Ethereum blockchain smart contracts to conceal malicious commands.

Investigations into the Nx "s1ngularity" NPM supply chain attack have unveiled a massive fallout, with thousands of account ...

Attackers abused GitHub Actions workflows to siphon off thousands of credentials from hundreds of npm and PyPI repositories.

Hackers are now exploiting vulnerabilities in widely-used NPM coding libraries to inject malware into Ethereum smart ...

Hackers used the secrets stolen in the recent Nx supply chain attack to publish over 6,700 private repositories publicly.

Charles Guillemet, Chief Technology Officer at Ledger, warned on Monday of a large-scale supply chain attack targeting crypto software wallets after the Node Package Manager (NPM) account of ...

Simple-looking code tapped Ethereum’s blockchain to fetch hidden URLs that directed compromised systems to download ...

Traditional methods often involved using trusted services like GitHub or Google Drive to host harmful links, but now, by embedding commands within Ethereum smart contracts, attackers are able to ...

ReversingLabs reveals hackers using Ethereum Smart contracts in NPM packages to conceal malware URLs, bypass scans, and ...