Multiple npm packages were compromised in a phishing-driven supply chain attack, affecting packages with over 2 billion downloads. The hijacked packages carry malicious payloads that aim to steal cryptocurrency and insert backdoors into software. #JoshJunon #npmSecurity #SupplyChainAttack #CryptocurrencyTheft
Key points
- A phishing attack compromised Josh Junon's npm account and led to the publication of malicious package versions.
- The attack stole two-factor authentication (2FA) credentials through a fake update email and adversary-in-the-middle (AitM) techniques.
- Over 20 npm packages with billions of weekly downloads were affected by the supply chain compromise.
- The injected malware intercepts cryptocurrency transactions, replacing wallet addresses with attacker-controlled ones.
- Cybercriminals use package takeovers and sophisticated techniques like slopsquatting to distribute malicious code and steal assets.
Read More: https://thehackernews.com/2025/09/20-popular-npm-packages-with-2-billion.html