CoinTelegraph

Largest NPM attack in crypto history stole less than $50: SEAL

Hackers broke into the node package manager (NPM) account of a well-known software developer and added malware to popular JavaScript libraries, targeting crypto wallets. ”Picture this: you compromise ...
All About Security

CISA warnt vor massiver Kompromittierung der Software-Lieferkette im npm-Ökosystem

Die US-amerikanische Cybersicherheitsbehörde CISA hat eine Warnung zu einem gravierenden Vorfall im JavaScript-Ökosystem ...
ADTmag

The Worm That Ate JavaScript: Inside the Shai-Hulud Supply Chain Attack

The JavaScript development community faced one of its most sophisticated supply chain attacks in September, when a ...
CoinDesk

Ethereum, Solana Wallets Targeted in Massive 'npm' Attack But Just 5 Cents Taken

A phishing email on Monday took down one of Node.js’s most prolific developers by pushing malicious code into packages downloaded billions of times a week, in what researchers call the largest ...
Bleeping Computer

npm 'accidentally' removes Stylus package, breaks builds and pipelines

npm has taken down all versions of the real Stylus library and replaced them with a "security holding" page, breaking pipelines and builds worldwide that rely on the package. A security placeholder ...