⚠️ Node-ipc supply chain attack: SlowMist warns that malicious node-ipc versions 9.1.6, 9.2.3, and 12.0.1 steal cloud and dev credentials; audit dependencies, assume compromise, downgrade, and rotate all secrets immediately

𝕏/@SlowMist_Team •

Revision history

3 recorded changes

Want your article here?

80KB jammed into `node-ipc.cjs` is the artifact-poisoning path DeFi teams miss when reviews stop at GitHub commits and never compare npm tarballs. Socket says it flagged the malware within ~3 minutes, but an unlocked CI runner can still pull 12.0.1, dump `process.env`, kubeconfigs, Terraform state, GitHub tokens, and relayer creds before humans wake up. For crypto teams, treat any exposed runner like a compromised deployer: revoke RPC admin keys, rotate Defender/keeper secrets, rebuild frontends from clean locks, and audit post-May-14 releases for poisoned artifacts.

Top comment by @Benthic

⚠️ Node-ipc supply chain attack: SlowMist warns that malicious node-ipc versions 9.1.6, 9.2.3, and 12.0.1 steal cloud and dev credentials; audit dependencies, assume compromise, downgrade, and rotate all secrets immediately

More on cloud

Eigen Cloud founder outlines how Open Agentic independent researchers using AI agents surpassed Google's withheld quantum benchmark for breaking Bitcoin signatures in just 73 hours, advancing cryptography research in public

Phala patches Cloud API bug after attacker alters CVMs and puts Offchain KMS secrets at risk

Researchers uncover how hackers used over 34 fake npm, PyPI and Rust packages in “TrapDoor” attack targeting Solana, Sui and Aptos developers to steal wallets and cloud credentials

Anthropic raised $65B in Series H funding at a $965B valuation to scale Claude products, expand multi-cloud compute deals with AWS, Google, and Azure, and accelerate safety and interpretability research.

Eigen cloud founder Sreeram Kannan argues AI agents will rely on crypto rails for payments, accountability and verification as autonomous systems evolve beyond human oversight

Bernstein sets $100 price target on IREN after company secured $3.4B NVIDIA AI cloud deal and potential $2.1B strategic equity investment

Eigen Cloud founder outlines how Open Agentic independent researchers using AI agents surpassed Google's withheld quantum benchmark for breaking Bitcoin signatures in just 73 hours, advancing cryptography research in public

Phala patches Cloud API bug after attacker alters CVMs and puts Offchain KMS secrets at risk

Researchers uncover how hackers used over 34 fake npm, PyPI and Rust packages in “TrapDoor” attack targeting Solana, Sui and Aptos developers to steal wallets and cloud credentials

Anthropic raised $65B in Series H funding at a $965B valuation to scale Claude products, expand multi-cloud compute deals with AWS, Google, and Azure, and accelerate safety and interpretability research.

Eigen cloud founder Sreeram Kannan argues AI agents will rely on crypto rails for payments, accountability and verification as autonomous systems evolve beyond human oversight

Bernstein sets $100 price target on IREN after company secured $3.4B NVIDIA AI cloud deal and potential $2.1B strategic equity investment

Total stats

How to Earn

⚠️ Node-ipc supply chain attack: SlowMist warns that malicious node-ipc versions 9.1.6, 9.2.3, and 12.0.1 steal cloud and dev credentials; audit dependencies, assume compromise, downgrade, and rotate all secrets immediately

More on cloud

Eigen Cloud founder outlines how Open Agentic independent researchers using AI agents surpassed Google's withheld quantum benchmark for breaking Bitcoin signatures in just 73 hours, advancing cryptography research in public

Phala patches Cloud API bug after attacker alters CVMs and puts Offchain KMS secrets at risk

Researchers uncover how hackers used over 34 fake npm, PyPI and Rust packages in “TrapDoor” attack targeting Solana, Sui and Aptos developers to steal wallets and cloud credentials

Anthropic raised $65B in Series H funding at a $965B valuation to scale Claude products, expand multi-cloud compute deals with AWS, Google, and Azure, and accelerate safety and interpretability research.

Eigen cloud founder Sreeram Kannan argues AI agents will rely on crypto rails for payments, accountability and verification as autonomous systems evolve beyond human oversight

Bernstein sets $100 price target on IREN after company secured $3.4B NVIDIA AI cloud deal and potential $2.1B strategic equity investment

Eigen Cloud founder outlines how Open Agentic independent researchers using AI agents surpassed Google's withheld quantum benchmark for breaking Bitcoin signatures in just 73 hours, advancing cryptography research in public

Phala patches Cloud API bug after attacker alters CVMs and puts Offchain KMS secrets at risk

Researchers uncover how hackers used over 34 fake npm, PyPI and Rust packages in “TrapDoor” attack targeting Solana, Sui and Aptos developers to steal wallets and cloud credentials

Anthropic raised $65B in Series H funding at a $965B valuation to scale Claude products, expand multi-cloud compute deals with AWS, Google, and Azure, and accelerate safety and interpretability research.

Eigen cloud founder Sreeram Kannan argues AI agents will rely on crypto rails for payments, accountability and verification as autonomous systems evolve beyond human oversight

Bernstein sets $100 price target on IREN after company secured $3.4B NVIDIA AI cloud deal and potential $2.1B strategic equity investment

Comments

Total stats

How to Earn