What is a supply chain attack in crypto? A supply chain attack in the crypto domain is a cyberattack where hackers target third-party components, services or software that a project relies on instead ...

One such event occurred in December 2024, making it worthy of a ranking for 2025. The hackers behind the campaign pocketed as ...

In a newly discovered supply chain attack, attackers last week targeted a range of npm-hosted JavaScript type testing utilities, several of which were successfully compromised to distribute malware.

Supply-chain attacks have evolved considerably in the last two years going from dependency confusion or stolen SSL among others once common attacks to AI-backed social engineering and open-source ...

A supply chain attack targeting key components of the Ethereum development ecosystem has affected the Nomic Foundation and Hardhat platforms. The attackers infiltrated the ecosystem using malicious ...

Shai-Hulud is the worst-ever npm JavaScript attack. This software supply chain worm attack is still ongoing. Here are some ways you can prevent such attacks. For those of you who aren't Dune fans, ...

It has been a busy week for supply-chain attacks targeting open source software available in public repositories, with successful breaches of multiple developer accounts that resulted in malicious ...

A cascading supply chain attack on GitHub that targeted Coinbase in March has now been traced back to a single token stolen from a SpotBugs workflow, which allowed a threat actor to compromise ...

Open-source software has become the backbone of modern development, but with that dependency comes a widening attack surface. The npm ecosystem in particular has been a high-value target for ...

In recent years, we have seen a rise in attacks of a previously unheard-of type – supply chain attacks. As attack prevention in systems becomes more and more sophisticated, including dedicated ...