Zighra is a leading provider of On-Device AI solutions for continuous authentication and fraud detection on mobile and web applications. Brighterion solutions stop payment and acquirer fraud, reduce ...

The attack's genesis traces back to npm maintainer Josh Junon, known online as "qix," who fell victim to an AI-generated phishing email. According to the report, attackers crafted emails that evaded ...

Qix is an open source maintainer account that was compromised by a phishing attack. This allowed attackers to infect 18 popular npm packages with malicious code. Together, these packages are ...

Data from Arkham Intelligence shows that the authors of the NPM supply chain attack, designed to steal crypto assets by ...

An attack targeting the Node.js ecosystem was just identified — but not before it compromised 18 npm packages that account ...

Billions (No, that's not a typo, Billions with a capital B) of files were potentially compromised. If you thought Node Package Manager (npm), the Billions of downloads were potentially compromised ...

A major JavaScript supply chain attack targeting crypto wallets through compromised GitHub packages has stolen only $1,043.

Threat actors injected malicious code into multiple popular NPM packages after their maintainers fell for a well-crafted ...

JavaScript packages with billions of downloads were compromised by an unknown threat actor looking to steal cryptocurrency.

Hackers launched the largest NPM crypto attack in history and compromised 18 JavaScript packages with billions of downloads.

On September 8, 2025, a single phishing email triggered one of npm’s most damaging supply chain attacks, compromising 18 ...

Warning from Charles Guillemet, CTO of Ledger, urged certain users to halt onchain transactions due to a potentially ...