Major attack on node.js

A cryptocurrency thief got into the npm account of a hard-working developer via spearphishing. node.js packages with billions ...

“Avoid On-Chain Transactions”: Ledger CTO Issues Urgent Warning After JavaScript Attack

A large-scale supply chain attack on the JavaScript ecosystem has prompted an urgent warning from Ledger’s chief technology ...
Bleeping Computer

Supply chain attack hits npm package with 45,000 weekly downloads

An npm package named 'rand-user-agent' has been compromised in a supply chain attack to inject obfuscated code that activates a remote access trojan (RAT) on the user's system. The 'rand-user-agent' ...

Undetectable Malware Targeting Crypto Wallet Data Of Job Seekers: Report

An infostealer particularly focused on stealing cryptocurrency wallet data from macOS, Windows and Linux users has been ...