资讯

JavaScript packages with billions of downloads were injected with malicious code in world's ...

JavaScript packages with billions of downloads were compromised by an unknown threat actor looking to steal cryptocurrency.
Yahoo Malaysia13 小时

Ledger CTO Warns of NPM Supply-Chain Attack Hitting 1B+ Downloads

According to Guillemet, the malicious code — already pushed into packages with over 1 billion downloads — is designed to ...
Cryptopolitan18 小时

Is Binance’s customer data, assets at risk after major supply chain attack?

Binance reassures customers after a massive NPM supply chain attack injects malicious code into 18 popular JavaScript ...
InsideBitcoins20 小时

NPM Hack Puts 1 Billion Crypto Wallets At Risk As Ledger CTO Urges Users To Halt Transactions

An NPM supply chain attack has prompted Ledger Chief Technology Officer Charles Guillemet to urge crypto users to pause ...

Crypto Users on High Alert: The NPM Attack Targeting JavaScript Libraries

Charles Guillemet, Chief Technology Officer at Ledger, emphasized the gravity of the situation, stating, "There’s a large-scale supply chain attack in progress: the NPM account of a reputable ...

Major attack on node.js

A cryptocurrency thief got into the npm account of a hard-working developer via spearphishing. node.js packages with billions ...

Massive npm hack poisons 18 packages with billions of downloads

Npm packages are reusable blocks of JavaScript code published to the Node Package Manager registry that developers can ...

This 2FA phishing scam pwned a developer - and endangered billions of npm downloads

A new digital supply chain attack has targeted popular open-source npm packages with at least two billion downloads per week. On Sept. 8, Josh Junon, a package maintainer whose account was at the ...