Major supply chain attack has occurred through popular JavasSript NPM packages. The payload is a crypto-clipper that steals funds by swapping wallet addresses in network requests and directly hijacking crypto transactions. Read more here:

Anatomy of a Billion-Download NPM Supply-Chain Attack

A massive NPM supply chain attack has compromised foundational packages like Chalk, affecting over 1 billion weekly downloads. We dissect the crypt...