Aikido Security Ltd. today disclosed what is being described as the largest npm supply chain compromise to date, after ...

JavaScript packages with billions of downloads were compromised by an unknown threat actor looking to steal cryptocurrency.

The malware was found in 18 npm packages that together are usually downloaded over 2 billion times per week. But the security ...

New Yorkers are on high alert after a warning about a hack that stole over $1 billion from American citizens, leading to a ...

In the first interview about the hack, the commission's new boss admits that huge mistakes were made, but says the ...

One of the great things about sharing hacks is that sometimes one person’s work inspires someone else to take it even further. A case in point is [Ivor]’s colorimeter hacking (parts two and ...

On September 8, several popular npm packages were compromised after a successful phishing attack on a maintainer account.

In a supply chain attack, attackers injected malware into NPM packages with over 2.6 billion weekly downloads after ...

Hackers planted malicious code in open source software packages with more than 2 billion weekly updates in what is likely to ...

Koi has raised $48 million to help companies protect against software add-ons, which are increasing in usage and can evade ...

Cybersecurity firms Tenable and Qualys fell to attacks stemming from hacker theft of authentication tokens from a third party ...