Bleeping Computer

Blockchain dev's wallet emptied in "job interview" using npm package

A blockchain developer shares his ordeal over the holidays when he was approached on LinkedIn by a "recruiter" for a web development job. The recruiter in question asked the developer to download npm ...
CSOonline

Malicious npm packages use Ethereum blockchain for malware delivery

Ethereum smart contracts used to hide URL to secondary malware payloads in an attack chain triggered by a malicious GitHub repo. Attackers behind a recent supply chain attack that involved rogue ...
Bleeping Computer

Malicious npm packages target Ethereum developers' private keys

Twenty malicious packages impersonating the Hardhat development environment used by Ethereum developers are targeting private keys and other sensitive data. Collectively, the malicious packages have ...
InfoWorld

‘Package confusion’ attack against NPM used to trick developers into downloading malware

Application testing company Checkmarx has warned developers to be on the lookout for malicious NPM packages, after discovering a new attack that employs typosquatting to impersonate two popular ...
Coinspeaker

Chainalysis Launches No-Code Automation Workflows For Blockchain Intelligence

Chainalysis launches Workflows, a no-code tool automating blockchain data analytics without requiring SQL or Python expertise.