Hosted on MSN

Solana blockchain's popular web3.js npm package backdoored to steal keys, funds

Malware-poisoned versions of the widely used JavaScript library @solana/web3.js were distributed via the npm package registry, according to an advisory issued Wednesday by project maintainer Steven ...
International Business Times

RAIR Technologies Announces DevDapp, A Web3 Incentive System For GitHub

DevDapp incentivizes the work of developers through $RAIR token rewards Developers will also receive tokens from RAIR's partners, including Sony's Soneium The system ...
CoinTelegraph

Developer posts secret key on GitHub, loses $40K in 2 minutes

A Web3 developer shared the unfortunate story of losing funds after accidentally making his wallet keys publicly available on the developer platform GitHub. On June 5, Brian Guan, co-founder of the ...
The Register on MSN

Dev snared in crypto phishing net, 18 npm packages compromised

Popular npm packages debug, chalk, and others hijacked in massive supply chain attack Crims have added backdoors to at least 18 npm packages after developer Josh Junon inadvertently authorized a reset ...
ZDNet

Microsoft buys JavaScript developer platform npm; plans to integrate it with GitHub

Microsoft is acquiring Node package manager npm Inc., officials announced on March 16. (Neither company is sharing the purchase price.) Microsoft plans to integrate GitHub with npm with the intent of ...
heise online

Supply chain attack: Solana web3.js library was infected with malicious code

Anyone who has recently downloaded the JavaScript SDK web3.js from Solana from the package manager npm may have picked up malicious code. The origin is probably a phishing attack on maintainers of the ...
CoinDesk

Munchables Exploited for $62M, North Korea-Linked Exploiter Returns Private Keys to Web 3 Firm

Web3 project Munchables was drained of an estimated $62.5 million worth of ether (ETH) early Wednesday after a contract was maliciously manipulated, blockchain data shows. Munchables said on X that ...