Ethereum smart contracts used to hide URL to secondary malware payloads in an attack chain triggered by a malicious GitHub ...

Hackers are exploiting Ethereum smart contracts to inject malware into popular NPM coding libraries, using packages to run ...

Security researchers found malware packages using the Ethereum blockchain to conceal malicious commands on GitHub repos.

Hackers are using Ethereum smart contracts to conceal malware payloads inside seemingly benign npm packages, a tactic that ...

Investigations into the Nx "s1ngularity" NPM supply chain attack have unveiled a massive fallout, with thousands of account ...

In contrast, colortoolsv2 and mimelib2 leveraged Ethereum smart contracts to store and deliver the URLs used for fetching the ...

Ethereum smart contracts are being used to download malware via poisoned NPM packages, something Binance has linked to DPRK ...

Attacks on the NX build system and React packages highlight escalating threats to enterprise software development pipelines.

The popular Nx build system, boasting 4 million downloads each week, was exploited in the first supply chain breach to use AI ...

Unsecured platforms can be susceptible to malicious actors inserting harmful packages to exploit unsuspecting users.

ReversingLabs discovered two NPM packages, colortoolsv2 and mimelib2, using Ethereum smart contracts to download malware.

On September 5, 2025, GitGuardian discovered GhostAction, a massive supply chain attack affecting 327 GitHub users across 817 ...