News

Software packages with more than 2 billion weekly downloads hit in supply-chain attack

Hackers planted malicious code in open source software packages with more than 2 billion weekly updates in what is likely to ...

AI-powered malware hit 2,180 GitHub accounts in “s1ngularity” attack

Investigations into the Nx "s1ngularity" NPM supply chain attack have unveiled a massive fallout, with thousands of account ...
The Register on MSN

Dev snared in crypto phishing net, 18 npm packages compromised

Popular npm packages debug, chalk, and others hijacked in massive supply chain attack Crims have added backdoors to at least ...

Hackers hijack npm packages with 2 billion weekly downloads in supply chain attack

In a supply chain attack, attackers injected malware into NPM packages with over 2.6 billion weekly downloads after ...

Ethereum smart contracts quietly push javascript malware targeting developers

Hackers are using Ethereum smart contracts to conceal malware payloads inside seemingly benign npm packages, a tactic that ...