Security News

Cryptocurrency users narrowly escaped losing all their funds last week after an attacker poisoned a digital wallet with malicious code that stole their blockchain access details.

What a wild ride, eh Komodo? Blockchain biz Komodo this week said it had used a vulnerability discovered by JavaScript package biz NPM to take control of some older Agama cryptocurrency wallets to...

NPM is working to course-correct after 2018 brought a handful of major incidents that caused usability and security headaches for system administrators.

Node.js package tried to plunder Bitcoin wallets A widely used Node.js code library in NPM's warehouse of repositories was altered to include crypto-coin-stealing malware. The lib in question,...

...and those devs are then applying patches, we hope JavaScript library custodian NPM, after years of security scrambling, looks to be getting a grip on its code safety.…

Tokens killed after eslint-scope JavaScript utility compromised An unfortunate chain reaction was averted today after miscreants tampered with a widely used JavaScript programming tool to steal...

A malicious package masquerading as a cookie parsing library but delivering a backdoor instead was unpublished from the npm Registry along with three other packages. read more

Criminals used a typo-squatting technique and uploaded rogue JavaScript libraries to a popular code repository npm.