Targeting NPM is an increasingly popular method of launching supply chain attacks for cybercriminals, primarily because of ...

An illicit npm package called 'crypto-encrypt-ts' may appear to revive the unmaintained but vastly popular CryptoJS library, ...

xrpl.js is a popular JavaScript API for interacting with the XRP Ledger blockchain, also called the Ripple Protocol, a ...

The recommended Ripple cryptocurrency NPM JavaScript library named "xrpl.js" was compromised to steal XRP wallet seeds and ...

A security crisis was avoided after a hacker exploited a developer’s access token to inject malicious code into a toolkit ...

A malicious actor used a compromised Ripple dev account to publish commits to NPM The commits would grant access to people's ...

The issue only affects versions of Node Package Manager (NPM), a site where developers share reusable code for projects.

Cybersecurity researchers at Socket have uncovered a malicious npm package that hijacks server control during payment ...

Cybersecurity researchers have uncovered three malicious packages in the npm registry that masquerade as a popular Telegram ...

Malware-poisoned versions of the widely used JavaScript library @solana/web3.js were distributed via the npm package registry, according to an advisory issued Wednesday by project maintainer ...

Ripple's xrpl.js package breach threatens DeFi wallets on XRP. No major thefts reported, and Ripple has deprecated the compromised version.