A serious security scare has hit the open-source software world, and it’s got big implications for crypto. Ledger’s chief ...

A successful phishing attack against a developer has resulted in one of the largest supply chain compromises to date, adding ...

"debug" package attack failed; malicious update detected early, minimal impact. Developers urged to check their installations ...

Crypto firms are racing to assess potential fallout after reports of a large-scale supply chain attack that compromised a ...

A cryptocurrency thief got into the npm account of a hard-working developer via spearphishing. node.js packages with billions ...

Charles Guillemet, Chief Technology Officer at Ledger, warned on Monday of a large-scale supply chain attack targeting crypto software wallets after the Node Package Manager (NPM) account of ...

Less $50 worth of crypto has been stolen from the large-scale JavaScript libraries attack on Monday, which targeted Ethereum ...

At least 18 popular JavaScript code packages that are collectively downloaded more than two billion times each week were briefly compromised with malicious software today, after a developer involved ...

Hackers planted malicious code in open source software packages with more than 2 billion weekly updates in what is likely to ...

NPM developer qix's account compromise potentially puts user funds at risk by compromising library dependencies used by ...

Charles Guillemet, CTO at the crypto wallet platform Ledger, warned the crypto community to be cautious while executing ...

A JavaScript supply chain attack has delivered a crypto-clipper via 18 npm packages; Ledger’s CTO has warned ...