SiliconANGLE

INKY warns of new QR code phishing tactic using embedded JavaScript

A new report out today from cybersecurity company INKY Technology Corp. is sounding the alarm over a new wave of phishing threats that use QR codes in increasingly dangerous and deceptive ways, ...
heise online

Popular JavaScript package is: Malware through supply chain attack

A software supply chain attack has hit the popular JavaScript package is, which has almost 2.7 million downloads per week. Maintainer Jordan Harband writes on Bluesky that attackers had taken over the ...
Krebs on Security

18 Popular Code Packages Hacked, Rigged to Steal Crypto

At least 18 popular JavaScript code packages that are collectively downloaded more than two billion times each week were ...

Malware Injected Into Code Packages That Get 2 Billion+ Downloads Each Week

An attack targeting the Node.js ecosystem was just identified — but not before it compromised 18 npm packages that account ...