News

Nx supply chain attack on Aug 26, 2025 leaked 2,349 secrets via npm packages, risking GitHub and cloud accounts.
PyPI malware packages termncolor and colorinal, downloaded 884 times, use DLL side-loading, persistence, and C2 communication.
Attacks on the Nx build system and React packages highlight escalating threats to enterprise software development pipelines.
Solana is a blockchain designed for decentralized applications and cryptocurrencies. It is similar to Ethereum in many ...
The popular Nx build system, boasting 4 million downloads each week, was exploited in the first supply chain breach to use AI assistants.
The popular npm package 'is' has been compromised in a supply chain attack that injected backdoor malware, giving attackers full access to compromised devices.
A significant supply chain attack hit npm after 15 popular Gluestack packages with over 950,000 weekly downloads were compromised to include malicious code that acts as a remote access trojan (RAT).
According to a Socket observation, packages like eslint-config-prettier and eslint-plugin-prettier were compromised hours after the open-source supply chain security firm reported an npm phishing ...
In a newly discovered supply chain attack, attackers last week targeted a range of npm-hosted JavaScript type testing utilities, several of which were successfully compromised to distribute ...