News

The Register on MSN6d

Dev snared in crypto phishing net, 18 npm packages compromised

Popular npm packages debug, chalk, and others hijacked in massive supply chain attack Crims have added backdoors to at least ...

Ledger CTO warns of shocking NPM attacks by crypto hackers

Charles Guillemet, CTO at the crypto wallet platform Ledger, warned the crypto community to be cautious while executing ...
The Hacker News11d

Malicious npm Packages Exploit Ethereum Smart Contracts to Target Crypto Developers

Two npm packages hide downloader commands via Ethereum smart contracts; uploaded July 2025; targeting crypto developers.

AI-powered malware hit 2,180 GitHub accounts in “s1ngularity” attack

Investigations into the Nx "s1ngularity" NPM supply chain attack have unveiled a massive fallout, with thousands of account ...

Software packages with more than 2 billion weekly downloads hit in supply-chain attack

Hackers planted malicious code in open source software packages with more than 2 billion weekly updates in what is likely to ...
CoinDesk5d

Ethereum, Solana Wallets Targeted in Massive 'npm' Attack But Just 5 Cents Taken

The credential stealer harvested username, password, and 2FA codes before sending them to a remote host. With full access, ...
ZDNet6y

npm bans terminal ads

After last week a popular JavaScript library started showing full-blown ads in the npm command-line interface, npm, Inc., the company that runs the npm tool and website, has taken a stance and plans ...