Browsing: npm

Malicious npm Dependency Linked to AI Assisted Commit Targets Crypto W

April 29, 2026

A malicious npm dependency linked to an AI-assisted code commit has been found stealing sensitive data and exposing crypto wallets.…

Security and Privacy

Npm Supply Chain Attack Uses Worm-Like Propagation

April 24, 2026

Malicious npm packages have been identified distributing malware that steals credentials and attempts to spread across developer ecosystems. According to…

Security and Privacy

New Npm ‘Ghost Campaign’ Uses Fake Install Logs to Hide Malware

March 24, 2026

A new malicious npm campaign using fake installation logs to hide malware activity has been identified by security researchers. The…

Security and Privacy

New npm Malware Campaign Redirects Victims to Crypto Sites

November 19, 2025

A new malware campaign built around seven npm packages has been uncovered by cybersecurity experts. The campaign, observed by the…

Security and Privacy

Open Source Community Thwarts Massive npm Supply Chain Attack

September 9, 2025

A potential npm supply chain disaster was averted in record time after attackers took over a verified developer’s credentials. On…

Security and Privacy

Malicious npm Packages Exploit Ethereum Smart Contracts

September 3, 2025

A malicious campaign targeting developers through npm and GitHub repositories has been uncovered, featuring an unusual method of using Ethereum…

Security and Privacy

North Korea Targets Crypto Devs Through NPM Packages

February 13, 2025

Researchers have uncovered a highly sophisticated North Korean campaign to covertly distribute crypto-stealing malware via open source components. SecurityScorecard said…

Security and Privacy

New Attacks Exploit VSCode Extensions and npm Packages

December 18, 2024

A recent investigation by security researchers has revealed a troubling surge in malicious campaigns exploiting popular development tools, including VSCode…

Security and Privacy

npm Package Lottie-Player Compromised in Supply Chain Attack

November 25, 2024

A targeted supply chain attack involving the widely used npm package @lottiefiles/lottie-player has been uncovered, highlighting vulnerabilities in software dependencies.…

Security and Privacy

North Korean Hackers Launch New Wave of npm Package Attacks

August 29, 2024

A recent surge in malicious activity involving North Korean-linked threat groups has been identified by cybersecurity researchers, revealing a coordinated…

What's Hot

Celsius founder Alex Mashinsky settles FTC case with $10M payment

Visa Adds Base, Polygon, Canton, Arc and Tempo to Stablecoin Settlement Program

XRP 2017 Breakout Replay? Analyst Drops Bold 1,992% Target

Browsing: npm

Malicious npm Dependency Linked to AI Assisted Commit Targets Crypto W

Npm Supply Chain Attack Uses Worm-Like Propagation

New Npm ‘Ghost Campaign’ Uses Fake Install Logs to Hide Malware

New npm Malware Campaign Redirects Victims to Crypto Sites

Open Source Community Thwarts Massive npm Supply Chain Attack

Malicious npm Packages Exploit Ethereum Smart Contracts

North Korea Targets Crypto Devs Through NPM Packages

New Attacks Exploit VSCode Extensions and npm Packages

npm Package Lottie-Player Compromised in Supply Chain Attack

North Korean Hackers Launch New Wave of npm Package Attacks

Autonomous NFTs: The Future of Digital Ownership and Interaction

Legal Expert Says Court is Unlikely to Dismiss SEC Charges Against Coinbase

Hape Parent Company Digimental Studio Acquired for $12M

Top Insights

Celsius founder Alex Mashinsky settles FTC case with $10M payment

Visa Adds Base, Polygon, Canton, Arc and Tempo to Stablecoin Settlement Program

XRP 2017 Breakout Replay? Analyst Drops Bold 1,992% Target

What's Hot

Browsing: npm

Subscribe to Updates