News
NPM developer qix's account compromise potentially puts user funds at risk by compromising library dependencies used by ...
A JavaScript supply chain attack has delivered a crypto-clipper via 18 npm packages; Ledger’s CTO has warned ...
Earlier this week, the Npm package manager suffered what may be its worst security incident to date. Unknown cybercriminals ...
According to official statements by cryptocurrency teams, more and more services have confirmed that their tech architectures are unaffected by the Sept. 8 NPM attack, the biggest hack in the history ...
On September 8, 2025, a single phishing email triggered one of npm’s most damaging supply chain attacks, compromising 18 ...
Hackers hijacked NPM libraries in a massive supply chain attack, injecting malware that swaps crypto wallet addresses to steal funds.
In a supply chain attack, attackers injected malware into NPM packages with over 2.6 billion weekly downloads after compromising a maintainer's account in a phishing attack.
An escalating npm supply chain attack has compromised dozens of foundational JavaScript packages to spread malware and drain ...
Aikido Security Ltd. today disclosed what is being described as the largest npm supply chain compromise to date, after ...
"debug" package attack failed; malicious update detected early, minimal impact. Developers urged to check their installations ...
JavaScript packages with billions of downloads were compromised by an unknown threat actor looking to steal cryptocurrency.
A cryptocurrency thief got into the npm account of a hard-working developer via spearphishing. node.js packages with billions ...
Results that may be inaccessible to you are currently showing.
Hide inaccessible results
Feedback