News

Security Boulevard7h

How One Phishing Email Compromised 18 npm Packages and Billions of Installs

On September 8, 2025, a single phishing email triggered one of npm’s most damaging supply chain attacks, compromising 18 ...

Hackers are sneaking malware into SVG images to bypass antivirus - here's what we know

Hackers are sharing malicious SVG files which spoof real-life websites in order to trick victims into downloading damaging ...

The Ultimate Hack For Developers: Vibe Coding And The Flow State You’ve Been Missing

Vibe coding is more than just a productivity trend or AI-assisted development; it's a transformative approach to coding.

Massive NPM crypto hack drained only $50

Cybercriminals hacked 18 NPM packages of a well-known developer to conceal malware. The breach affected several leading ...

Massive npm hack poisons 18 packages with billions of downloads

Npm packages are reusable blocks of JavaScript code published to the Node Package Manager registry that developers can ...

This 2FA phishing scam pwned a developer - and endangered billions of npm downloads

A new digital supply chain attack has targeted popular open-source npm packages with at least two billion downloads per week. On Sept. 8, Josh Junon, a package maintainer whose account was at the ...

Crypto users urged to take extreme care as NPM attack hits core JavaScript libraries

Hackers hijacked NPM libraries in a massive supply chain attack, injecting malware that swaps crypto wallet addresses to ...