Hackers hijacked NPM libraries in a massive supply chain attack, injecting malware that swaps crypto wallet addresses to steal funds.

SwissBorg confirmed that hackers exploited a vulnerability in staking partner Kiln’s API, which allowed them to drain 193,000 ...

Qix is an open source maintainer account that was compromised by a phishing attack. This allowed attackers to infect 18 popular npm packages with malicious code. Together, these packages are ...

Hackers launched the largest NPM crypto attack in history and compromised 18 JavaScript packages with billions of downloads.

A new cyberattack is silently targeting crypto from users during transactions amid an incident that security researchers ...

At least 18 popular JavaScript code packages that are collectively downloaded more than two billion times each week were briefly compromised with malicious software today, after a developer involved ...

A JavaScript supply chain attack has delivered a crypto-clipper via 18 npm packages; Ledger’s CTO has warned ...

On September 8, 2025, a single phishing email triggered one of npm’s most damaging supply chain attacks, compromising 18 ...

Converting HTML into PDF has become an essential requirement across industries. Businesses generate invoices, receipts, ...

In a supply chain attack, attackers injected malware into NPM packages with over 2.6 billion weekly downloads after compromising a maintainer's account in a phishing attack.

Selenium IDE: This is like a beginner’s friend. It’s a browser extension, often for Firefox, that lets you record your ...

Multiple npm packages have been compromised by a phishing attack in an attempt to spread crypto malware to billions of victims.