Attackers hijacked popular NPM packages to replace crypto wallet addresses(exaforce.com)
exaforce.com
Attackers hijacked popular NPM packages to replace crypto wallet addresses
https://www.exaforce.com/blogs/snake-in-my-package-npm-wallet-hijack
2 comments
Big discussion yesterday (1280 points, 703 comments) https://news.ycombinator.com/item?id=45169657
On September 8, 2025, NPM reported that several libraries were compromised in a user-side man-in-the-middle attack. This research dives into the details about how the attack works.