News

Standard-Journal

10-4 by WEX™ Expands Fuel Savings Network for Truckers, Adds Maverik Stations

In addition to Maverik — Adventure’s First Stop stations, 10-4 by WEX app users now have access to fuel discounts at thousands of locations nationwide including the 7FLEET Diesel Network (Speedway, ...

The Buyer’s Guide to Browser Extension Management

Browser extensions boost productivity—but also open the door to hidden risks like data exfiltration and AitM attacks. Keep ...

Malware Injected Into Code Packages That Get 2 Billion+ Downloads Each Week

An attack targeting the Node.js ecosystem was just identified — but not before it compromised 18 npm packages that account ...

Breach of npm threatens billions of weekly downloads in JavaScript ecosystem

Earlier this week, the Npm package manager suffered what may be its worst security incident to date. Unknown cybercriminals ...

JavaScript packages with billions of downloads were injected with malicious code in world's largest supply chain hack, geared to steal crypto — a phishing email is all it ...

JavaScript packages with billions of downloads were compromised by an unknown threat actor looking to steal cryptocurrency.
CSO Online

Massive npm supply chain attack hits 18 popular packages with 2B weekly downloads

Malware hidden in widely used libraries like chalk and debug hijacked crypto transactions via browser APIs, exposing deep ...
Cryptopolitan

Is Binance’s customer data, assets at risk after major supply chain attack?

Binance reassures customers after a massive NPM supply chain attack injects malicious code into 18 popular JavaScript ...
Blockonomi

JavaScript Libraries with 2 Billion Weekly Downloads Targeted in Crypto Theft Attempt

NPM supply chain attack compromised 18 popular JavaScript packages, swapping crypto wallet addresses, but quick detection ...

Massive npm hack poisons 18 packages with billions of downloads

Aikido Security Ltd. today disclosed what is being described as the largest npm supply chain compromise to date, after ...

This 2FA phishing scam pwned a developer - and endangered billions of npm downloads

A new digital supply chain attack has targeted popular open-source npm packages with at least two billion downloads per week. On Sept. 8, Josh Junon, a package maintainer whose account was at the ...