A new cross-platform malware named “ModStealer” actively targets crypto wallets while remaining undetected by major antivirus ...

近日，安全研究机构Mosyle发布报告，披露了一种名为“ModStealer”的新型跨平台信息窃取型恶意软件。该恶意软件自首次出现在VirusTotal平台至今已近一个月，但仍未被主流杀毒引擎识别。ModStealer具备在macOS、Windo ...

Qix is an open source maintainer account that was compromised by a phishing attack. This allowed attackers to infect 18 popular npm packages with malicious code. Together, these packages are ...

An attack targeting the Node.js ecosystem was just identified — but not before it compromised 18 npm packages that account ...

Billions (No, that's not a typo, Billions with a capital B) of files were potentially compromised. If you thought Node Package Manager (npm), the Billions of downloads were potentially compromised ...

JavaScript packages with billions of downloads were compromised by an unknown threat actor looking to steal cryptocurrency.

Binance reassures customers after a massive NPM supply chain attack injects malicious code into 18 popular JavaScript ...

Crypto intelligence platform Security Alliance released a report on Sep. 8 to reveal that Ethereum and Solana wallets have ...

A cryptocurrency thief got into the npm account of a hard-working developer via spearphishing. node.js packages with billions ...

N Korea's expert hackers use social engineering tactics to target job seekers in the cryptocurrency & blockchain sectors.

NPM developer qix's account compromise potentially puts user funds at risk by compromising library dependencies used by ...