CoinTelegraph

Crypto users urged to take extreme care as NPM attack hits core JavaScript libraries

The breach hit core JavaScript libraries such as chalk and strip-ansi, downloaded billions of times each week, raising alarms over the security of open-source software. Hackers have compromised widely ...
Developer Tech

Axios npm attack causes JavaScript supply chain chaos

Security teams are grappling with a major supply chain attack on Axios, a popular JavaScript library with over 100 million ...
TechRadar

Popular JavaScript library can be hacked to allow attackers into user accounts

When you purchase through links on our site, we may earn an affiliate commission. Here’s how it works. Node-forge cryptography library flaw (CVE-2025-12816) allowed bypass of signature and certificate ...
Bleeping Computer

Backdoor in Popular JavaScript Library Set to Steal Cryptocurrency

A JavaScript library that scores over two million downloads every week has been injected with malicious code for stealing coins from a cryptocurrency wallet. The affected package is Event-Stream, ...
Cryptopolitan on MSN

Axios supply chain attack raises risk to crypto wallets

Up to four npm packages on Axios were replaced with malicious versions, in one of the most sophisticated supply chain attacks.
CoinTelegraph

Hackers are exploiting a JavaScript library to plant crypto drainers

The React team published a fix on Dec. 3 and advises anyone using the react-server-dom-webpack, react-server-dom-parcel, and react-server-dom-turbopack, to upgrade immediately. There has been a recent ...
TechRadar

Ripple cryptocurrency software library hit by major security issue, wallets under threat

A malicious actor used a compromised Ripple dev account to publish commits to NPM The commits would grant access to people's crypto wallets They were downloaded around 450 times before being pulled ...