Multiple npm packages compromised by phishing attack in attempt to spread crypto malware to billions of victims.

Charles Guillemet, Chief Technology Officer at Ledger, warned on Monday of a large-scale supply chain attack targeting crypto software wallets after the Node Package Manager (NPM) account of ...

Ledger’s chief technology officer issued an urgent warning on Monday after discovering what he described as a large-scale ...

At least 18 popular JavaScript code packages that are collectively downloaded more than two billion times each week were briefly compromised with malicious software today, after a developer involved ...

Ledger CTO Charles Guillemet warned of compromised JavaScript code packages that could silently swap crypto addresses to ...

Less $50 worth of crypto has been stolen from the large-scale JavaScript libraries attack on Monday, which targeted Ethereum ...

Experts say a prominent developer was phished. The attack requires user interaction to succeed. Still, cybersecurity experts ...

A JavaScript supply chain attack has delivered a crypto-clipper via 18 npm packages; Ledger’s CTO has warned ...

Hackers hijacked popular web code to steal crypto. Users must check every wallet transaction to avoid losing funds.

According to Guillemet, the malicious code — already pushed into packages with over 1 billion downloads — is designed to silently swap crypto wallet addresses in transactions. That means unsuspecting ...

Ledger CTO cautions that there is an NPM supply chain attack on the rampage. He encouraged users to cease risky on-chain ...

NPM developer qix's account compromise potentially puts user funds at risk by compromising library dependencies used by ...