资讯

CoinDesk

This Invisible 'ModStealer' Is Targeting Your Browser-Based Crypto Wallets

The code includes pre-loaded instructions to target 56 browser wallet extensions and is designed to extract private keys, credentials, and certificates.
Securities.io

NPM Supply-Chain Attack: What Happened and How to Fix It

Qix is an open source maintainer account that was compromised by a phishing attack. This allowed attackers to infect 18 popular npm packages with malicious code. Together, these packages are ...

Malware Injected Into Code Packages That Get 2 Billion+ Downloads Each Week

An attack targeting the Node.js ecosystem was just identified — but not before it compromised 18 npm packages that account ...

Ahmedabad IT company, Code and core gifts ₹100000 to an employee for his loyalty: Here's why

In an unusual move in India's IT sector, Ahmedabad-based Code and Core has awarded a bonus of ₹1,00,000 and a special medal ...
SecurityWeek

Highly Popular NPM Packages Poisoned in New Supply Chain Attack

Threat actors injected malicious code into multiple popular NPM packages after their maintainers fell for a well-crafted ...

JavaScript packages with billions of downloads were injected with malicious code in world's ...

JavaScript packages with billions of downloads were compromised by an unknown threat actor looking to steal cryptocurrency.