5 ways to spot software supply chain attacks and stop worms - before it's too late

A Dune-inspired worm recently hit CrowdStrike and npm, infecting hundreds of packages. Here's what happened - and how to protect your code.

Ledger CTO warns of shocking NPM attacks by crypto hackers

Charles Guillemet, CTO at the crypto wallet platform Ledger, warned the crypto community to be cautious while executing ...

Massive npm hack poisons 18 packages with billions of downloads

Aikido Security Ltd. today disclosed what is being described as the largest npm supply chain compromise to date, after ...
Communications of the ACM

Fifty Years of Open Source Software Supply-Chain Security

An open source software supply-chain vulnerability is an exploitable weakness in trusted software caused by a third-party, ...
Cryptopolitan on MSN

Supply chain npm attack only stole $500 in meme tokens so far

The supply chain npm attack did not steal millions in crypto, despite initial fears. The wallets used in the attack only ...
GovInfoSecurity

Shai Hulud Burrows Into NPM Repository

An apparent "Dune" aficionado is responsible for the first self-propagating attack on the npm JavaScript repository in what one security company has ...
The Independent

Best solar panels in the UK 2025

Owing to the rise in energy costs, many homeowners are asking, “Are solar panels worth it?”. While it depends on a range of factors, the answer, in most instances, is yes. The growing interest has ...