资讯

JavaScript packages with billions of downloads were injected with malicious code in world's ...

JavaScript packages with billions of downloads were compromised by an unknown threat actor looking to steal cryptocurrency.
Security Boulevard

How npm Security Collapsed Thanks To a 2FA Exploit

Billions (No, that's not a typo, Billions with a capital B) of files were potentially compromised. If you thought Node Package Manager (npm), the Billions of downloads were potentially compromised ...
BeInCrypto

Massive Software Hack Puts Every Crypto Transaction at Risk

Hackers hijacked popular web code to steal crypto. Users must check every wallet transaction to avoid losing funds.
CoinTelegraph

Lessons from Bybit hack: How to stay safe on crypto exchanges

The Bybit attack exploited predictable behaviors and habitual transaction approvals, proving that cybersecurity isn’t just about technology but also about human vigilance. The attack bypassed Bybit’s ...

Self-propagating supply chain attack hits 187 npm packages

Security researchers have identified at least 187 npm packages compromised in an ongoing supply chain attack. The coordinated ...

Massive npm hack poisons 18 packages with billions of downloads

Aikido Security Ltd. today disclosed what is being described as the largest npm supply chain compromise to date, after ...
Security Boulevard

How One Phishing Email Compromised 18 npm Packages and Billions of Installs

On September 8, 2025, a single phishing email triggered one of npm’s most damaging supply chain attacks, compromising 18 ...
InsideBitcoins

NPM Hack Puts 1 Billion Crypto Wallets At Risk As Ledger CTO Urges Users To Halt Transactions

An NPM supply chain attack has prompted Ledger Chief Technology Officer Charles Guillemet to urge crypto users to pause on-chain transactions.