Crypto users urged to take extreme care as NPM attack hits core JavaScript libraries

Hackers hijacked NPM libraries in a massive supply chain attack, injecting malware that swaps crypto wallet addresses to steal funds.

Malware Injected Into Code Packages That Get 2 Billion+ Downloads Each Week

An attack targeting the Node.js ecosystem was just identified — but not before it compromised 18 npm packages that account ...

Self-propagating supply chain attack hits 187 npm packages

Security researchers have identified at least 187 npm packages compromised in an ongoing supply chain attack. The coordinated ...
SC Media

Multiplatform Badbunny worm attacks OpenOffice across Windows, Mac and Linux

A proof-of-concept multiplatform macro worm that can attack OpenOffice on Windows, Mac and Linux PCs, has been sent to security vendor Sophos. The "Badbunny" worm attempted to download and display an ...