The novel malware strain is being dubbed Shai-Hulud — after the name for the giant sandworms in Frank Herbert’s Dune novel ...

The Open Network chief technology officer, Anatoly Makosov, said the solution to the attack is to switch to a safe version and reinstall clean code.

Ledger CTO cautions that there is an NPM supply chain attack on the rampage. He encouraged users to cease risky on-chain ...

Billions (No, that's not a typo, Billions with a capital B) of files were potentially compromised. If you thought Node Package Manager (npm), the Billions of downloads were potentially compromised ...

At least 18 popular JavaScript code packages that are collectively downloaded more than two billion times each week were ...

NPM developer qix's account compromise potentially puts user funds at risk by compromising library dependencies used by ...

"Each published package becomes a new distribution vector: as soon as someone installs it, the worm executes, replicates, and ...

While software bills of materials offer some transparency over software components, they don’t solve the imbalance between ...

An NPM supply chain attack has prompted Ledger Chief Technology Officer Charles Guillemet to urge crypto users to pause on-chain transactions.

Security researchers worldwide are warning about a supply-chain attack on the Node Package Manager (NPM), where a ...