InsideBitcoins

NPM Hack Puts 1 Billion Crypto Wallets At Risk As Ledger CTO Urges Users To Halt Transactions

An NPM supply chain attack has prompted Ledger Chief Technology Officer Charles Guillemet to urge crypto users to pause on-chain transactions.
Bitcoin Magazine

NPM Attack: Javascript Library Compromise Goes After Bitcoin Wallets

NPM developer qix's account compromise potentially puts user funds at risk by compromising library dependencies used by ...

Breach of npm threatens billions of weekly downloads in JavaScript ecosystem

Earlier this week, the Npm package manager suffered what may be its worst security incident to date. Unknown cybercriminals ...
InfoWorld

What makes JavaScript great

JavaScript’s low bar to entry has resulted in one of the richest programming language ecosystems in the world. This month’s ...
GovInfoSecurity

Shai Hulud Burrows Into NPM Repository

An apparent "Dune" aficionado is responsible for the first self-propagating attack on the npm JavaScript repository in what one security company has ...
Infosecurity Magazine

Shai-Hulud Worm Prowls npm to Steal Hundreds of Secrets

The bundle.js script is designed to steal npm, GitHub, AWS and GCP tokens. But it also installs TruffleHog – an open source ...
Securities.io

NPM Supply-Chain Attack: What Happened and How to Fix It

Qix is an open source maintainer account that was compromised by a phishing attack. This allowed attackers to infect 18 popular npm packages with malicious code. Together, these packages are ...