JavaScript packages with billions of downloads were injected with malicious code in world's ...

JavaScript packages with billions of downloads were compromised by an unknown threat actor looking to steal cryptocurrency.

Major attack on node.js

A cryptocurrency thief got into the npm account of a hard-working developer via spearphishing. node.js packages with billions of downloads are affected.
BeInCrypto

Hackers Steal $41.5 Million In Solana From a Swiss Crypto Exchange

SwissBorg hack drains $41.5 million in Solana via staking protocol exploit, sparking refunds, investigations, and concerns over security.

Malware Injected Into Code Packages That Get 2 Billion+ Downloads Each Week

An attack targeting the Node.js ecosystem was just identified — but not before it compromised 18 npm packages that account ...
Krebs on Security

Self-Replicating Worm Hits 180+ Software Packages

The novel malware strain is being dubbed Shai-Hulud — after the name for the giant sandworms in Frank Herbert’s Dune novel ...

Huge malware attack targeting crypto exposes DeFi’s Achilles heel

Hackers poisoned JavaScript packages with crypto-stealing malware. The large scale attack exposes a DeFi weak point. The ...

Software packages with more than 2 billion weekly downloads hit in supply-chain attack

Hackers planted malicious code in open source software packages with more than 2 billion weekly updates in what is likely to ...
CSOonline

Techworld.com: Web Site of UK Landmark Hacked to Serve Malware

The Web site of one of the U.K.’s most famous landmarks, the Forth Road Bridge, has been torn open in embarrassing fashion to serve malware, researchers are reporting. According to the security blog ...