A targeted supply chain compromise of an open-source node package manager (npm) resulted in malicious updates to widely used packages, enabling cryptocurrency theft through traffic interception and transaction manipulation of browser-based crypto wallets. The post 16 Minutes to Impact: npm Supply Chain Abuse Deploys crypto-draining malware appeared first on Sygnia.
