News

Blockonomi2h

JavaScript Libraries with 2 Billion Weekly Downloads Targeted in Crypto Theft Attempt

NPM supply chain attack compromised 18 popular JavaScript packages, swapping crypto wallet addresses, but quick detection ...

Software packages with more than 2 billion weekly downloads hit in supply-chain attack

Hackers planted malicious code in open source software packages with more than 2 billion weekly updates in what is likely to ...

Hackers hijack npm packages with 2 billion weekly downloads in supply chain attack

In a supply chain attack, attackers have injected malware into NPM packages with over 2.6 billion weekly downloads after ...

Crypto users urged to take extreme care as NPM attack hits core JavaScript libraries

Hackers hijacked NPM libraries in a massive supply chain attack, injecting malware that swaps crypto wallet addresses to steal funds.
The Hacker News7h

20 Popular npm Packages With 2 Billion Weekly Downloads Compromised in Supply Chain Attack

According to ReversingLabs' 2025 Software Supply Chain Security Report, 14 of the 23 crypto-related malicious campaigns in ...
Security Boulevard22h

APT37 Targets Windows with Rust Backdoor and Python Loader

IntroductionAPT37 (also known as ScarCruft, Ruby Sleet, and Velvet Chollima) is a North Korean-aligned threat actor active since at least 2012. APT37 primarily targets South Korean individuals ...
Techrights2h

Links 09/09/2025: “Torrents of Hate” and Political Crisis in France

The 'Scattered Lapsus$ Hunters' group has taken credit for the cyberattack on JLR. The luxury brand, which the Tata Group ...
Infosecurity Magazine1h

Open Source Community Thwarts Massive npm Supply Chain Attack

What could have been a historic supply chain attack seems to have been averted due to the rapid response of the open source ...