NPM developer qix's account compromise potentially puts user funds at risk by compromising library dependencies used by ...

A cryptocurrency thief got into the npm account of a hard-working developer via spearphishing. node.js packages with billions ...

The novel malware strain is being dubbed Shai-Hulud — after the name for the giant sandworms in Frank Herbert’s Dune novel ...

A JavaScript supply chain attack has delivered a crypto-clipper via 18 npm packages; Ledger’s CTO has warned ...

Earlier this week, the Npm package manager suffered what may be its worst security incident to date. Unknown cybercriminals ...

In a supply chain attack, attackers injected malware into NPM packages with over 2.6 billion weekly downloads after ...

Hackers hijacked NPM libraries in a massive supply chain attack, injecting malware that swaps crypto wallet addresses to steal funds.

Charles Guillemet says a phishing-led supply-chain breach could have become a systemic disaster for crypto users.

Ledger CTO warns of supply chain cyberattack on JavaScript packages used by over a billion users. Hardware wallets remain ...

Ledger CTO urged hardware wallet users to verify every transaction amid a large-scale supply chain attack. Analysts warned ...

Ledger's CTO Charles Guillemet warned of a large-scale supply chain attack, potentially stealing crypto from common software ...