资讯

黑客通过钓鱼攻击劫持 npm 软件包:含 debug 等十余个高频库,周下载 ...

据介绍,黑客通过钓鱼邮件入侵知名开发者 Josh Junon(用户名 qix)等人的账户,在至少 18 个高频下载包中注入恶意代码,这 18 个受影响的包周下载总量达 26 亿次。 qix 表示,他收到的钓鱼邮件来自 support@ ...
Crypto News8 小时

“Avoid On-Chain Transactions”: Ledger CTO Issues Urgent Warning After JavaScript Attack

A JavaScript supply chain attack has delivered a crypto-clipper via 18 npm packages; Ledger’s CTO has warned ...

Hackers hijack npm packages with 2 billion weekly downloads in supply chain attack

In a supply chain attack, attackers have injected malware into NPM packages with over 2.6 billion weekly downloads after ...
腾讯网6 分钟

OKX Wallet:未受第三方组件安全事件影响,APP、插件端以及Web端均可 ...

PANews 9月9日消息,针对「NPM供应链攻击」事件,OKX Wallet表示,OKX 始终将系统安全置于首位,在产品研发与上线全流程中严格管控第三方组件使用风险。经内部核查与评估,OKX APP 基于安卓与 iOS ...

黑客借钓鱼邮件入侵npm开发者账户,chalk、debug等十余个高频包被植入 ...

网络安全领域再起波澜,全球最大的Javascript包管理器npm遭遇重大安全事件。据网络安全机构Aikido Security披露,黑客通过精心设计的钓鱼攻击,成功入侵多名知名开发者账户,并在高频使用的软件包中植入恶意代码,引发业界广泛关注。
Cyber Daily2 小时

18 popular JavaScript code packages hacked to spread malware

Multiple npm packages compromised by phishing attack in attempt to spread crypto malware to billions of victims.
腾讯网1 小时

npm史上最大供应链攻击:每周下载量超20亿的软件包遭大规模攻击劫持

网络安全公司Aikido ...

黑客通过钓鱼攻击劫持npm软件包:含chalk、debug等十余个高频库

据介绍,黑客通过钓鱼邮件入侵知名开发者 Josh Junon(用户名 qix)等人的账户,在至少 18 个高频下载包中注入恶意代码,这 18 个受影响的包周下载总量达 26 亿次。 qix 表示,他收到的钓鱼邮件来自 ...

Ledger CTO Warns of Serious NPM Hack That Can Hijack Crypto Transactions

A serious security scare has hit the open-source software world, and it’s got big implications for crypto. Ledger’s chief ...
Crypto News8 小时

Swiss Crypto Platform SwissBorg Hit by $41.5M SOL Hack After Partner API Compromise

SwissBorg has reported SOL losses after a partner breach; API provider Kiln has been compromised, with the treasury covering ...
Analytics Insight4 天

How to Master Programming Languages Faster Using GitHub Copilot

GitHub Copilot is your AI coding assistant and will help you code faster, debug smarter, and learn to write in new ...