Nieuws

Major attack on node.js

A cryptocurrency thief got into the npm account of a hard-working developer via spearphishing. node.js packages with billions ...

JavaScript packages with billions of downloads were injected with malicious code in world's largest supply chain hack, geared to steal crypto — a phishing …

JavaScript packages with billions of downloads were compromised by an unknown threat actor looking to steal cryptocurrency.
Bitcoin Magazine5d

NPM Attack: Javascript Library Compromise Goes After Bitcoin Wallets

NPM developer qix's account compromise potentially puts user funds at risk by compromising library dependencies used by ...
Krebs on Security5d

18 Popular Code Packages Hacked, Rigged to Steal Crypto

At least 18 popular JavaScript code packages that are collectively downloaded more than two billion times each week were ...
Ars Technica9mnd

Backdoor slipped into popular code library, drains ~$155k from digital wallets

Hackers pocketed as much as $155,000 by sneaking a backdoor into a code library used by developers of smart contract apps that work with the cryptocurrency known as Solana. The supply-chain attack ...

Malware Injected Into Code Packages That Get 2 Billion+ Downloads Each Week

An attack targeting the Node.js ecosystem was just identified — but not before it compromised 18 npm packages that account ...
CoinDesk4d

Ethereum, Solana Wallets Targeted in Massive 'npm' Attack But Just 5 Cents Taken

The credential stealer harvested username, password, and 2FA codes before sending them to a remote host. With full access, ...