MacMusic  |  PcMusic  |  440 Software  |  440 Forums  |  440TV  |  Zicos
npm
Search

Dev snared in crypto phishing net, 18 npm packages compromised

Monday September 8, 2025. 09:06 PM , from TheRegister
Popular npm packages debug, chalk, and others hijacked in massive supply chain attack
Crims have added backdoors to at least 18 npm packages after developer Josh Junon inadvertently authorized a reset of the two-factor authentication protecting his npm account.…
Read more at TheRegister
https://go.theregister.com/feed/www.theregister.com/2025/09/08/dev_falls_for_phishing_email/

Related News

npm More packages poisoned in npm attack, but would-be crypto thieves left pocket change TheRegisterSep 9
packages Hackers Hijack npm Packages With 2 Billion Weekly Downloads in Supply Chain Attack SlashdotSep 8
crypto npm debug and chalk packages compromised (Aikido) LWN.netSep 8
dev Tycoon phishing kit uses sneaky new techniques to hide malicious links BetaNewsSep 3
snared 400 'Tech Utopian' Refuges Consider New Crypto-Friendly State SlashdotSep 1
compromised The Duty-Free Loophole Is Closing. What That Means for You—and Your Packages Wired: Tech.Aug 28
phishing Nx NPM packages poisoned in AI-assisted supply chain attack TheRegisterAug 27
net Crypto thief earns additional prison time for assaulting witness TheRegisterAug 26
npm Farmers Insurance harvests bad news: 1.1M customers snared in data breach TheRegisterAug 26
packages Biotechs Turn to Digital Coins, Crypto to Boost Stock Prices SlashdotAug 26
crypto Off-the-shelf tools make life easier for phishing attackers BetaNewsAug 25
dev A Crypto Micronation Is Making Friends at the White House Wired: Tech.Aug 25
snared Survey Finds More Python Developers Like PostgreSQL, AI Coding Agents - and Rust for Packages SlashdotAug 25
compromised Kidney dialysis giant DaVita tells 2.4M people they were snared in ransomware data theft nightmare TheRegisterAug 22
phishing Nearly half of Americans still reuse passwords despite phishing risks BetaNewsAug 19
net Someone's poking the bear with infostealers targeting Russian crypto developers TheRegisterAug 18
npm Phishing Training Is Pretty Pointless, Researchers Find SlashdotAug 17
packages Fintech, Crypto CEOs Urge US President To Block Banks' Data-Access Fees SlashdotAug 14
crypto Crypto-crasher Do Kwon admits guilt over failed not-so-stablecoin that erased $41 billion TheRegisterAug 13
dev Do Kwon Pleads Guilty to US Fraud Charges In $40 Billion Crypto Collapse SlashdotAug 13
News copyright owned by their original publishers | Copyright © 2004 - 2025 Zicos / 440Network
Current Date
Sep, Wed 10 - 01:09 CEST