News
Aikido Security Ltd. today disclosed what is being described as the largest npm supply chain compromise to date, after ...
On September 8, 2025, a single phishing email triggered one of npm’s most damaging supply chain attacks, compromising 18 ...
The largest supply-chain compromise in the history of the NPM ecosystem has impacted roughly 10% of all cloud environments, ...
4don MSN
How to stay safe if you’re using MetaMask, Phantom, Trust or any crypto wallet from NPM attack
Note: If you’re using MetaMask, Phantom, Trust Wallet, or any crypto app, the advice is simple, take your time, check every character, and when possible, use a hardware wallet.
An escalating npm supply chain attack has compromised dozens of foundational JavaScript packages to spread malware and drain ...
In a supply chain attack, attackers injected malware into NPM packages with over 2.6 billion weekly downloads after compromising a maintainer's account in a phishing attack.
New granular access tokens allow NPM package maintainers to restrict which packages, scopes, and organizations a token has access to. Looking to improve the safety and security of NPM JavaScript ...
The security team behind the "npm" repository for JavaScript libraries removed two npm packages this Monday for containing malicious code that installed a remote access trojan (RAT) on the computers ...
Results that may be inaccessible to you are currently showing.
Hide inaccessible results
Feedback