News

Ledger CTO warns of shocking NPM attacks by crypto hackers

Charles Guillemet, CTO at the crypto wallet platform Ledger, warned the crypto community to be cautious while executing ...

Crypto stolen by hackers in largest NPM attack

Crypto users area take extreme caution. The recent attack on the Node Package Manager (NPM) packages of a well-known ...

Massive npm hack poisons 18 packages with billions of downloads

Npm packages are reusable blocks of JavaScript code published to the Node Package Manager registry that developers can ...
Cryptopolitan on MSN26m

Supply chain npm attack only stole $500 in meme tokens so far

The supply chain npm attack did not steal millions in crypto, despite initial fears. The wallets used in the attack only ...
CoinDesk13h

Ledger CTO Warns of NPM Supply-Chain Attack Hitting 1B+ Downloads

According to Guillemet, the malicious code — already pushed into packages with over 1 billion downloads — is designed to silently swap crypto wallet addresses in transactions. That means unsuspecting ...
CSO Online5d

Malicious npm packages use Ethereum blockchain for malware delivery

Ethereum smart contracts used to hide URL to secondary malware payloads in an attack chain triggered by a malicious GitHub ...
The Hacker News5d

Malicious npm Packages Exploit Ethereum Smart Contracts to Target Crypto Developers

Two npm packages hide downloader commands via Ethereum smart contracts; uploaded July 2025; targeting crypto developers.
Infosecurity Magazine5d

Malicious npm Packages Exploit Ethereum Smart Contracts

In contrast, colortoolsv2 and mimelib2 leveraged Ethereum smart contracts to store and deliver the URLs used for fetching the ...

Crypto users urged to take extreme care as NPM attack hits core JavaScript libraries

Hackers hijacked NPM libraries in a massive supply chain attack, injecting malware that swaps crypto wallet addresses to steal funds.