Stripe iframe skimmer hit 49 merchants in Aug 2024, bypassing CSP to steal cards, driving PCI DSS 4.0.1 updates.
The novel malware strain is being dubbed Shai-Hulud — after the name for the giant sandworms in Frank Herbert’s Dune novel ...
JavaScript packages with billions of downloads were compromised by an unknown threat actor looking to steal cryptocurrency.
An NPM supply chain attack has prompted Ledger Chief Technology Officer Charles Guillemet to urge crypto users to pause on-chain transactions.
Shai-Hulud is the third major supply chain attack targeting the NPM ecosystem after the s1ngularity attack and the recent compromise of Josh Junon (Qix), the maintainer of 18 NPM packages that have ...
The malware was found in 18 npm packages that together are usually downloaded over 2 billion times per week. But the security community was quick to act.
A major supply chain attack on the NPM repository briefly threatened crypto users worldwide. Malicious code was pushed into ...
Crypto intelligence platform Security Alliance released a report on Sep. 8 to reveal that Ethereum and Solana wallets have ...
ComicForm phishing since April 2025 targets Belarus, Kazakhstan, Russia using Formbook malware, evading Microsoft Defender.