News

CryptoNewsZ20h

npm “debug” Attack Fails, Ledger CTO Confirms Minimal Impact

"debug" package attack failed; malicious update detected early, minimal impact. Developers urged to check their installations ...

This 2FA phishing scam pwned a developer - and endangered billions of npm downloads

A new digital supply chain attack has targeted popular open-source npm packages with at least two billion downloads per week. On Sept. 8, Josh Junon, a package maintainer whose account was at the ...