Hackers are exploiting Ethereum smart contracts to inject malware into popular NPM coding libraries, using packages to run ...

Two npm packages hide downloader commands via Ethereum smart contracts; uploaded July 2025; targeting crypto developers.

Charles Guillemet, CTO at the crypto wallet platform Ledger, warned the crypto community to be cautious while executing ...

In contrast, colortoolsv2 and mimelib2 leveraged Ethereum smart contracts to store and deliver the URLs used for fetching the ...

Ethereum smart contracts used to hide URL to secondary malware payloads in an attack chain triggered by a malicious GitHub ...

New malware distribution technique on npm uses Ethereum blockchain smart contracts to conceal malicious commands.

Security researchers found malware packages using the Ethereum blockchain to conceal malicious commands on GitHub repos.

Malware targeting Ethereum smart contracts is not entirely new. Earlier this year, the North Korean-affiliated Lazarus Group ...

Hackers planted malicious code in open source software packages with more than 2 billion weekly updates in what is likely to ...

Crims have added backdoors to at least 18 npm packages after developer Josh Junon inadvertently authorized a reset of the two ...

The credential stealer harvested username, password, and 2FA codes before sending them to a remote host. With full access, ...

ReversingLabs uncovered two NPM packages using Ethereum smart contracts to hide malicious URLs and bypass security scans.