Self-propagating supply chain attack hits 187 npm packages

Security researchers have identified at least 187 npm packages compromised in an ongoing supply chain attack. The coordinated ...
SecurityWeek

Chrome 140 Update Patches Sixth Zero-Day of 2025

An exploited zero-day in the V8 JavaScript engine tracked as CVE-2025-10585 was found by Google Threat Analysis Group this ...

Largest NPM attack in crypto history stole less than $50: SEAL

Less $50 worth of crypto has been stolen from the large-scale JavaScript libraries attack on Monday, which targeted Ethereum ...

Massive npm hack poisons 18 packages with billions of downloads

Aikido Security Ltd. today disclosed what is being described as the largest npm supply chain compromise to date, after ...
Krebs on Security

Self-Replicating Worm Hits 180+ Software Packages

The novel malware strain is being dubbed Shai-Hulud — after the name for the giant sandworms in Frank Herbert’s Dune novel series — because it publishes any stolen credentials in a new public GitHub ...

Crypto stolen by hackers in largest NPM attack

Crypto intelligence platform Security Alliance released a report on Sep. 8 to reveal that Ethereum and Solana wallets have ...

Heathrow warns of second day of disruption after cyber-attack

Air travellers are facing another day of disruption at several European airports including Heathrow, after a cyber-attack knocked out a check-in and baggage system. There were hundreds of delays on ...

Hackers hijack npm packages with 2 billion weekly downloads in supply chain attack

In a supply chain attack, attackers injected malware into NPM packages with over 2.6 billion weekly downloads after ...
Crowdfund Insider

Ledger CTO Warns Users to Halt Onchain Transactions Due to Potential Cyberattacks

Warning from Charles Guillemet, CTO of Ledger, urged certain users to halt onchain transactions due to a potentially ...