Hackers hijacked NPM libraries in a massive supply chain attack, injecting malware that swaps crypto wallet addresses to steal funds.

SwissBorg confirmed that hackers exploited a vulnerability in staking partner Kiln’s API, which allowed them to drain 193,000 ...

Hackers launched the largest NPM crypto attack in history and compromised 18 JavaScript packages with billions of downloads.

A new cyberattack is silently targeting crypto from users during transactions amid an incident that security researchers ...

At least 18 popular JavaScript code packages that are collectively downloaded more than two billion times each week were briefly compromised with malicious software today, after a developer involved ...

Qix is an open source maintainer account that was compromised by a phishing attack. This allowed attackers to infect 18 popular npm packages with malicious code. Together, these packages are ...

A JavaScript supply chain attack has delivered a crypto-clipper via 18 npm packages; Ledger’s CTO has warned ...

In a supply chain attack, attackers injected malware into NPM packages with over 2.6 billion weekly downloads after compromising a maintainer's account in a phishing attack.

Converting HTML into PDF has become an essential requirement across industries. Businesses generate invoices, receipts, ...

On September 8, 2025, a single phishing email triggered one of npm’s most damaging supply chain attacks, compromising 18 ...

Azure AI Foundry’s August 2025 update brings the GPT-5 family of models, previews a new Browser Automation tool, and expands ...

Multiple npm packages have been compromised by a phishing attack in an attempt to spread crypto malware to billions of victims.