News

The Hacker News1d
AI-Generated Malicious npm Package Drains Solana Funds from 1,500+ Before Takedown
In the npm ecosystem, postinstall scripts are often overlooked attack vectors—they run automatically after a package is ...
Popular JavaScript package is: Malware through supply chain attack
Maintainer, the package is, which is downloaded around 2.7 million times a week, was infected with a malware loader.
Dynamsoft Barcode Reader JavaScript SDK v11.0 Improves Accuracy and Performance with Advanced Deep Learning and Algorithm Enhancements
Dynamsoft has announced the release of version 11.0 of its Barcode Reader SDK for JavaScript edition, introducing ...
CSO Online11d
Prettier-ESLint npm packages hijacked in a sophisticated supply chain attack
DLL-based malware targets Windows users after a phishing campaign tricked the maintainer into leaking a token.
The Hacker News12d
3,500 Websites Hijacked to Secretly Mine Crypto Using Stealth JavaScript and WebSocket Tactics
Further dissection has determined that over 3,500 websites have been ensnared in the sprawling illicit crypto mining effort, ...