Threat actors injected malicious code into multiple popular NPM packages after their maintainers fell for a well-crafted ...

According to ReversingLabs' 2025 Software Supply Chain Security Report, 14 of the 23 crypto-related malicious campaigns in ...

The Open Network chief technology officer, Anatoly Makosov, said the solution to the attack is to switch to a safe version and reinstall clean code.

Charles Guillemet says a phishing-led supply-chain breach could have become a systemic disaster for crypto users.

Billions (No, that's not a typo, Billions with a capital B) of files were potentially compromised. If you thought Node Package Manager (npm), the Billions of downloads were potentially compromised ...

NPM developer qix's account compromise potentially puts user funds at risk by compromising library dependencies used by ...

Ledger CTO cautions that there is an NPM supply chain attack on the rampage. He encouraged users to cease risky on-chain ...

At least 18 popular JavaScript code packages that are collectively downloaded more than two billion times each week were briefly compromised with malicious software today, after a developer involved ...

A new digital supply chain attack has targeted popular open-source npm packages with at least two billion downloads per week. On Sept. 8, Josh Junon, a package maintainer whose account was at the ...

Pi Network's Co-founder Dr. Fan will speak at TOKEN2049, discussing Mainnet updates, adoption strategies, & the future of ...

Two billion downloads per week. That’s the download totals for the NPM packages compromised in a supply-chain attack this week. Ninety-nine percent of the cloud depends on one of the ...