Nuacht

Security Boulevard15 uair an chloig

How One Phishing Email Compromised 18 npm Packages and Billions of Installs

On September 8, 2025, a single phishing email triggered one of npm’s most damaging supply chain attacks, compromising 18 ...

This 2FA phishing scam pwned a developer - and endangered billions of npm downloads

A new digital supply chain attack has targeted popular open-source npm packages with at least two billion downloads per week. On Sept. 8, Josh Junon, a package maintainer whose account was at the ...
CSO Online16 uair an chloig

Phishing kit Salty2FA washes away confidence in MFA

The newly surfaced Salty@FA phishing kit shows attackers can sidestep multi-factor authentication by cloaking attacks in ...
Developer Tech16 uair an chloig

Escalating npm supply chain malware attack drains crypto wallets

An escalating npm supply chain attack has compromised dozens of foundational JavaScript packages to spread malware and drain ...