Risk Warning: Beware of illegal fundraising in the name of 'virtual currency' and 'blockchain'. — Five departments including the Banking and Insurance Regulatory Commission
Information
Discover
Search
Login
简中
繁中
English
日本語
한국어
ภาษาไทย
Tiếng Việt
BTC
ETH
HTX
SOL
BNB
View Market
The NPM package "@ctrl/tinycolor", which has been downloaded 2.2 million times per week, was attacked by a supply chain attack containing a malicious information stealer.
2hours ago

According to a Scam Sniffer warning, the NPM package "@ctrl/tinycolor," with 2.2 million weekly downloads, has been infected with a malicious version. This stealer runs during the npm postinstall process and uses the legitimate tool TruffleHog to scan and exfiltrate sensitive data. Approximately 40 dependent packages have been affected. Users are advised to immediately check whether they have installed the affected version, suspend updates, and lock in a secure version.

Source Link
Recommended Articles
30-year interest rate cut cycle reveals patterns: Where will Bitcoin, US stocks, and gold go?
Lombard, Chainlink, and Symbiotic partner to introduce BARD token utility through restaking and launch the first cross-chain LBTC cryptoeconomic security layer.
Why does Base issue coins?
Odaily Exclusive Interview with Moonbirds Head Spencer: From World-Class Fencer to NFT Revivalist
Pro
As SOL returns to $240, where will the excess liquidity go?
An article reviewing the latest hot projects in the Pump.fun live streaming section
A $12 billion false boom? Figure and DefiLlama's dispute over "RWA data falsification"
Academics make a comeback: Small-town professor Waller becomes the most popular candidate for Federal Reserve Chairman
24-Hour Flash News
5minutes ago
China New City Group Partners with EX.IO to Launch Commercial Real Estate RWA
9minutes ago
Polymarket predicts that the trading volume of the Federal Reserve’s September decision has exceeded $130 million
13minutes ago
Yala: Avoid any transactions or operations related to YU and YBTC before the new plan is implemented
14minutes ago
Talus will launch its testnet on September 18th
23minutes ago
Japanese credit services firm Saison Capital launches $50 million blockchain investment fund
36minutes ago
Reliance Global, a US-listed company, will invest a total of $120 million in cryptocurrencies in phases.
Important News
9minutes ago
Polymarket predicts that the trading volume of the Federal Reserve’s September decision has exceeded $130 million
13minutes ago
Yala: Avoid any transactions or operations related to YU and YBTC before the new plan is implemented
14minutes ago
Talus will launch its testnet on September 18th
23minutes ago
Japanese credit services firm Saison Capital launches $50 million blockchain investment fund
36minutes ago
Reliance Global, a US-listed company, will invest a total of $120 million in cryptocurrencies in phases.
41minutes ago
Bitget launches U-margined ZKC perpetual contracts with leverage ranging from 1 to 75x
Download Odaily App
Let Some People Understand Web3.0 First
IOS
Android