Hackers Just Found A Way To Hide Malware In Ethereum Smart Contracts — And Your Crypto Wallet Could Be Next

Hackers are embedding malware commands in Ethereum smart contracts, disguising them as ordinary blockchain traffic and ...
TechJuice

Massive npm Supply-Chain Attack: Shai-Hulud Worm Infects Over 180 Packages

A new self-replicating worm dubbed Shai-Hulud has compromised over 180 npm packages, stealing credentials and spreading ...

Self-propagating worm fuels latest npm supply chain compromise

In a similar style to the Nx attack, the payload then publishes a new repo via the victim's GitHub account, dropping stolen ...

Ledger CTO warns of shocking NPM attacks by crypto hackers

Charles Guillemet, CTO at the crypto wallet platform Ledger, warned the crypto community to be cautious while executing ...

Unofficial Postmark MCP npm silently stole users' emails

A npm package copying the official 'postmark-mcp' project on GitHub turned bad with the latest update that added a single ...

First npm worm "Shai-Hulud" released in supply chain attack

A new supply chain attack on npm, the node package manager, has injected the first malware with self-replicating worm ...
ZDNet

npm bans terminal ads

After last week a popular JavaScript library started showing full-blown ads in the npm command-line interface, npm, Inc., the company that runs the npm tool and website, has taken a stance and plans ...