News

JavaScript packages with billions of downloads were injected with malicious code in world's largest supply chain hack, geared to steal crypto — a phishin…

JavaScript packages with billions of downloads were compromised by an unknown threat actor looking to steal cryptocurrency.

Ledger CTO warns of shocking NPM attacks by crypto hackers

The two exploited NPM packages, both uploaded in July, are: colortoolsv2. mimelib2. The dangerous code allowed the malware to evade security detection and ask for the next-stage p ...