CERT-In has issued an advisory warning of Shai-Hulud malware that targets JavaScript’s Node Package Manager (npm) ecosystem ...

Shai-Hulud is the third major supply chain attack targeting the NPM ecosystem after the s1ngularity attack and the recent ...

The novel malware strain is being dubbed Shai-Hulud — after the name for the giant sandworms in Frank Herbert’s Dune novel ...

Chainguard, the trusted foundation for software development and deployment, today announced Chainguard Libraries for JavaScript, a collection of trusted builds of thousands of common JavaScript ...

Security firm Trend Micro has discovered an attack on home routers that involves malicious JavaScript, a mobile website, and a mobile device such as a smartphone. This attack has been taking place ...

A Dune-inspired worm recently hit CrowdStrike and npm, infecting hundreds of packages. Here's what happened - and how to protect your code.

"Each published package becomes a new distribution vector: as soon as someone installs it, the worm executes, replicates, and ...

Charles Guillemet says a phishing-led supply-chain breach could have become a systemic disaster for crypto users.

Hackers broke into the node package manager (NPM) account of a well-known software developer and added malware to popular JavaScript libraries, targeting crypto wallets. ”Picture this: you compromise ...

Ledger Chief Technology Officer Charles Guillemet on Monday urged crypto users to take immediate precautions following what appears to be a large-scale supply chain cyberattack targeting the ...

The developers have fixed several vulnerabilities in the current version of the Chrome web browser. Attacks are already occurring.