The package, named nodejs-smtp, impersonates the legitimate email library nodemailer with an identical tagline, page styling, ...

Two npm packages hide downloader commands via Ethereum smart contracts; uploaded July 2025; targeting crypto developers.

Ethereum smart contracts used to hide URL to secondary malware payloads in an attack chain triggered by a malicious GitHub ...

Hackers are exploiting Ethereum smart contracts to inject malware into popular NPM coding libraries, using packages to run ...

Security researchers found malware packages using the Ethereum blockchain to conceal malicious commands on GitHub repos.

Hackers are using Ethereum smart contracts to conceal malware payloads inside seemingly benign npm packages, a tactic that ...

Investigations into the Nx "s1ngularity" NPM supply chain attack have unveiled a massive fallout, with thousands of account ...

In contrast, colortoolsv2 and mimelib2 leveraged Ethereum smart contracts to store and deliver the URLs used for fetching the ...

Ethereum smart contracts are being used to download malware via poisoned NPM packages, something Binance has linked to DPRK ...

ReversingLabs discovered two NPM packages, colortoolsv2 and mimelib2, using Ethereum smart contracts to download malware.

On September 5, 2025, GitGuardian discovered GhostAction, a massive supply chain attack affecting 327 GitHub users across 817 ...