Latest Tech News

Stay updated with the latest in technology, AI, cybersecurity, and more

Filtered by: junon Clear Filter

This 2FA phishing scam pwned a developer - and endangered billions of npm downloads

zdnet.com Charlie Osborne 2025-10-09 04:06:38

Elyse Betters Picaro / ZDNET Follow ZDNET: Add us as a preferred source on Google. ZDNET's key takeaways A phishing email was at the heart of the attack. NPM team quickly removed backdoored versions. 18 packages hit, with 2B+ downloads every week. A new digital supply chain attack has targeted popular open-source npm packages with at least two billion downloads per week. 'I've been pwned' On Sept. 8, Josh Junon, a package maintainer whose account was at the center of the attack, revealed

Topics: email junon npm packages phishing
Read More
Shop Amazon

Massive Supply Chain Attack Targets Cryptocurrencies Through NPM

gizmodo.com Lucas Ropek 2025-10-09 12:50:00

A phishing attack aimed at a particular software maintainer’s account has managed to compromise software packages that have over 2.6 billion weekly downloads. BleepingComputer, noting that the infection is being called the “largest supply chain attack in history.” The developer behind the software packages, identified as Josh Junon, was compromised via a phishing scheme targeting several blockchains, including Ethereum, Bitcoin, Solana, and Tron, The Register reports. Junon has been posting abo

Topics: account junon npm packages software
Read More
Shop Amazon

Software packages with more than 2 billion weekly downloads hit in supply-chain attack

arstechnica.com Unknown 2025-10-09 20:37:04

Hackers planted malicious code in open source software packages with more than 2 billion weekly updates in what is likely to be the world’s biggest supply-chain attack ever. The attack, which compromised nearly two dozen packages hosted on the npm repository, came to public notice on Monday in social media posts. Around the same time, Josh Junon, a maintainer or co-maintainer of the affected packages, said he had been “pwned” after falling for an email that claimed his account on the platform w

Topics: code junon npm packages time
Read More
Shop Amazon
Trending Topics
Hot Now
ai 3662 apple 3038 new 2415 google 2036 content 1735
Popular
like 1505 company 1431 pro 1338 iphone 1177 app 1133 zdnet 1115 said 1070 data 1053 does 910 reviews 895
Emerging
editorial 874 amazon 860 game 811 samsung 778 phone 768 pixel 761 android 743 just 723 users 689 available 686
About GoKawiil

GoKawiil is a project by nerdhub.co that curates technology news from trusted sources. We built this site to provide a cleaner, more mobile-friendly experience without intrusive ads or heavy JavaScript.

Privacy

Your privacy matters. GoKawiil doesn't use Google Analytics or Facebook Pixel. The only tracking occurs through affiliate links to Amazon.

Advertising

Interested in advertising? Contact us at [email protected]