资讯

Security Boulevard1 天

How One Phishing Email Compromised 18 npm Packages and Billions of Installs

On September 8, 2025, a single phishing email triggered one of npm’s most damaging supply chain attacks, compromising 18 ...

Secure Code Warrior Expands Commitment to Secure by Design Best Practices with Free Secure ...

Secure Code Warrior, the industry leader in Developer Risk Management (DRM), is expanding its commitment to empowering ...

Classic iPod enthusiasts rescue all 54 lost clickwheel games from obscurity

In the film Steve Jobs, the character Steve Jobs (Michael Fassbender) echoed the company’s tagline by promising to put 1,000 ...

The Rising Threat: How Crypto Hackers Use Ethereum Smart Contracts to Conceal Malware

Traditional methods often involved using trusted services like GitHub or Google Drive to host harmful links, but now, by embedding commands within Ethereum smart contracts, attackers are able to ...
Crypto News6 天

Hackers Exploit Ethereum to Inject Malware in Popular Coding Libraries

Hackers are exploiting Ethereum smart contracts to inject malware into popular NPM coding libraries, using packages to run ...
CSO Online6 天

Malicious npm packages use Ethereum blockchain for malware delivery

Ethereum smart contracts used to hide URL to secondary malware payloads in an attack chain triggered by a malicious GitHub ...