Search
From ‘Code Red’ to ‘Nothingburger’: Was the NPM Exploit Overhyped?
12.9.2025
A recent NPM supply chain attack sparked brief panic in the crypto community, raising fears of widespread fund theft. While some dismissed the exploit as minor, security experts emphasized it as a wake-up call for developers. A ‘Nothingburger’ With a Wake-up Call Initial reports of a large-scale...
The Protocol: SwissBorg’s SOL Earn Wallet Exploited for $41.5M
10.9.2025
Also: Ledger CTO Warns of NPM Exploit, Backpack EU opens, and Polygon PoS Chain Reports Finality Lag
Ethereum, Solana Wallets Targeted in Massive 'npm' Attack But Just 5 Cents Taken
9.9.2025
The credential stealer harvested username, password, and 2FA codes before sending them to a remote host. With full access, the attacker republished every "qix" package with a crypto-focused payload
Failed NPM exploit highlights looming threat to crypto security: Exec
9.9.2025
Ledger chief technology officer Charles Guillemet said that while the immediate danger had passed, the threat still exists
Failed NPM exploit highlights looming threat to crypto security: Exec
9.9.2025
Ledger chief technology officer Charles Guillemet said that while the immediate danger had passed, the threat still exists
Failed NPM exploit highlights looming threat to crypto security: Exec
9.9.2025
Ledger chief technology officer Charles Guillemet said that while the immediate danger had passed, the threat still exists
Failed NPM exploit highlights looming threat to crypto security: Exec
9.9.2025
Ledger chief technology officer Charles Guillemet said that while the immediate danger had passed, the threat still exists
npm “debug” Attack Fails, Ledger CTO Confirms Minimal Impact
9.9.2025
Key Highlights: A major supply chain attack compromised npm packages such as “debug” and “chalk” that are widely…
Largest npm attack in crypto history stole less than $50: SEAL
9.9.2025
Hackers broke into the node package manager (NPM) account of a well-known software developer and added malware to popular JavaScript libraries, targeting crypto wallets
Ledger CTO Warns of Large-Scale NPM Supply Chain Attack; Urges Address Checks
8.9.2025
Ledger CTO Charles Guillemet warned Monday that a large-scale software supply chain attack is underway targeting NPM packages used across the JavaScript ecosystem globally. ‘Potentially All Chains’: Ledger CTO Cautions After NPM Developer Account Hacked Ledger‘s Guillemet said on X that a reputable...
Ledger CTO Warns of NPM Supply-Chain Attack Hitting 1B+ Downloads
8.9.2025
According to Guillemet, the malicious code — already pushed into packages with over 1 billion downloads — is designed to silently swap crypto wallet addresses in transactions. That means unsuspecting users could send funds directly to the attacker without realizing it
Crypto users urged to take extreme care as NPM attack hits core JavaScript libraries
8.9.2025
The breach hit core JavaScript libraries such as chalk and strip-ansi, downloaded billions of times each week, raising alarms over the security of open-source software
Crypto users urged to take extreme care as NPM attack injects malware into core JavaScript libraries
8.9.2025
The breach hit core JavaScript libraries like chalk and strip-ansi, downloaded billions of times each week, raising alarms over the security of open-source software
XRP Ledger Bug Patched After 'Serious' Flaw Spotted in XRPL Library
23.4.2025
The issue only affects versions of Node Package Manager (NPM), a site where developers share reusable code for projects
Report: Lazarus Group Exploits Github, NPM Packages in Cryptocurrency Malware Campaign
13.2.2025
A state-aligned cyber collective from North Korea has compromised Github repositories and NPM modules with stealthy malicious code to pilfer digital currencies, per a Securityscorecard STRIKE Team analysis. Security Researchers Warn of Rising Open-Source Malware Attacks Linked to Lazarus Group...
Deno představuje JSR – JavaScript Registry
5.3.2024
O Denu jsme psali, je s námi již více jak tři roky. Podobně jako je pro Node.js důležité npm, bude mít Deno svého správce javascriptových modulů s názvem JSR (zkratka JavaScript Registry). JSR…
New Crypto ICOs to Invest in September 22 - Tamadoge, Neptune Mutual, Magic Square
23.9.2022
Read More: New Crypto ICOs to Invest in September 22 - Tamadoge, Neptune Mutual, Magic Square
A Complete Beginner’s Guide to npm
20.1.2022
(This is a sponsored post.)
I remember vividly a period early in my coding career when I began to feel that things were changing away from what I knew, and headed towards a more complex set of tools and …
A Complete Beginner’s Guide to npm originally published on CSS-Tricks. You should...
What the Heck Does “npm” Mean?
20.1.2022
One of the things that makes this new, tooling-heavy era of front-end development so seemingly hard to understand at first is that, while we often call things by a singular name, they tend to be actually comprised of several different …
What the Heck Does “npm” Mean? originally published...
What the Heck is the Command Line?
20.1.2022
Now that we know what npm stands for and have a super general idea of what it does and how it fits into web development, we ought to spend a little bit of time looking at the command line, because …
What the Heck is the Command Line? originally published on CSS-Tricks. You should get...