News

Major attack on node.js

A cryptocurrency thief got into the npm account of a hard-working developer via spearphishing. node.js packages with billions ...

Ethereum, Solana Wallets Targeted in Massive 'npm' Attack But Just 5 Cents Taken

The credential stealer harvested username, password, and 2FA codes before sending them to a remote host. With full access, ...
CSO Online2d

Massive npm supply chain attack hits 18 popular packages with 2B weekly downloads

Malware hidden in widely used libraries like chalk and debug hijacked crypto transactions via browser APIs, exposing deep ...

JavaScript packages with billions of downloads were injected with malicious code in world's largest supply chain hack, geared to steal crypto — a phishing …

JavaScript packages with billions of downloads were compromised by an unknown threat actor looking to steal cryptocurrency.
The Hacker News2d

20 Popular npm Packages With 2 Billion Weekly Downloads Compromised in Supply Chain Attack

According to ReversingLabs' 2025 Software Supply Chain Security Report, 14 of the 23 crypto-related malicious campaigns in ...
Forbes8mon

15 Reasons To Choose Node.js For Product Development In 2025

Staying ahead of the curve is no longer a choice. It has become a necessity. As of November 2024, Node.js powers 3.9% of websites globally, according to Web Technology Surveys. That includes giants ...

Ledger CTO warns of shocking NPM attacks by crypto hackers

The two exploited NPM packages, both uploaded in July, are: colortoolsv2. mimelib2. The dangerous code allowed the malware to evade security detection and ask for the next-stage p ...