Hackers hide malware in GitHub, npm, and VS Code packages using invisible Unicode so supply‑chain attacks bypass human review and common defenses.

Hackers hide malware in GitHub, npm, and VS Code packages using invisible Unicode so supply‑chain attacks bypass human review and common defenses.

Arstechnica •

Revision history

2 recorded changes

Want your article here?

Promote with Leviathan News

More on Hacker

Researchers uncover how hackers used over 34 fake npm, PyPI and Rust packages in “TrapDoor” attack targeting Solana, Sui and Aptos developers to steal wallets and cloud credentials

Researchers uncover how hackers used over 34 fake npm, PyPI and Rust packages in “TrapDoor” attack targeting Solana, Sui and Aptos developers to steal wallets and cloud credentials

Coindesk ·

Superfortune investigates $GUA multisig transaction that targeted hacker address

Superfortune investigates $GUA multisig transaction that targeted hacker address

𝕏/@SUPERFORTUNE888 ·

THORChain nodes approve ADR028 recovery plan, activating hacker bounty as v3.19.0 heads to stagenet

THORChain nodes approve ADR028 recovery plan, activating hacker bounty as v3.19.0 heads to stagenet

𝕏/@THORChain ·

CertiK CEO warns AI is giving DeFi hackers an edge as attackers automate exploits, target supply chains, and overwhelm defenders across an increasingly vulnerable crypto ecosystem

CertiK CEO warns AI is giving DeFi hackers an edge as attackers automate exploits, target supply chains, and overwhelm defenders across an increasingly vulnerable crypto ecosystem

The Block ·

Crypto crime surges past $11B as scammers, hackers, and sanctioned states exploit pseudonymous, cross-border crypto rails yet growing on-chain forensics are turning blockchain’s transparency into their biggest weakness.

Crypto crime surges past $11B as scammers, hackers, and sanctioned states exploit pseudonymous, cross-border crypto rails yet growing on-chain forensics are turning blockchain’s transparency into their biggest weakness.

info.arkm ·

Whitehat hacker returns $190K out for $209K to Renegade protocol after exploiting flawed Arbitrum dark pool contract, keeping 10% bounty to avoid legal action

Whitehat hacker returns $190K out for $209K to Renegade protocol after exploiting flawed Arbitrum dark pool contract, keeping 10% bounty to avoid legal action

CoinTelegraph ·

Researchers uncover how hackers used over 34 fake npm, PyPI and Rust packages in “TrapDoor” attack targeting Solana, Sui and Aptos developers to steal wallets and cloud credentials

Researchers uncover how hackers used over 34 fake npm, PyPI and Rust packages in “TrapDoor” attack targeting Solana, Sui and Aptos developers to steal wallets and cloud credentials

Coindesk ·

Superfortune investigates $GUA multisig transaction that targeted hacker address

Superfortune investigates $GUA multisig transaction that targeted hacker address

𝕏/@SUPERFORTUNE888 ·

THORChain nodes approve ADR028 recovery plan, activating hacker bounty as v3.19.0 heads to stagenet

THORChain nodes approve ADR028 recovery plan, activating hacker bounty as v3.19.0 heads to stagenet

𝕏/@THORChain ·

CertiK CEO warns AI is giving DeFi hackers an edge as attackers automate exploits, target supply chains, and overwhelm defenders across an increasingly vulnerable crypto ecosystem

CertiK CEO warns AI is giving DeFi hackers an edge as attackers automate exploits, target supply chains, and overwhelm defenders across an increasingly vulnerable crypto ecosystem

The Block ·

Crypto crime surges past $11B as scammers, hackers, and sanctioned states exploit pseudonymous, cross-border crypto rails yet growing on-chain forensics are turning blockchain’s transparency into their biggest weakness.

Crypto crime surges past $11B as scammers, hackers, and sanctioned states exploit pseudonymous, cross-border crypto rails yet growing on-chain forensics are turning blockchain’s transparency into their biggest weakness.

info.arkm ·

Whitehat hacker returns $190K out for $209K to Renegade protocol after exploiting flawed Arbitrum dark pool contract, keeping 10% bounty to avoid legal action

Whitehat hacker returns $190K out for $209K to Renegade protocol after exploiting flawed Arbitrum dark pool contract, keeping 10% bounty to avoid legal action

CoinTelegraph ·

Explore the full feed

Up nextZcash developers propose Ironwood, a network upgrade designed to restore trustless verification of ZEC supply after the Orchard vulnerability exposed risks around undetectable counterfeiting