A researcher warned that more than 400 NPM libraries, including at least 10 crypto packages mostly tied to ENS, were compromised by Shai Hulud malware.
A major JavaScript supply-chain attack has compromised hundreds of software packages, including at least 10 used widely across the crypto ecosystem, according to research from cybersecurity firm Aikido Security.
In a Monday post, Charlie Eriksen, a researcher at Aikido Security, shared the names of over 400 packages that showed signs of infection with the “Shai Hulud” self-replicating worm malware used in the ongoing JavaScript NPM library supply chain attack. Eriksen said he validated each detection to avoid false positives.
Many of the cryptocurrency-related packages involved receive tens of thousands of downloads per week and have numerous other packages that require them to function. In an X post published earlier Monday, Eriksen also warned the Ethereum Name Service (ENS) team that several of their packages were affected.
You can get bonuses upto $100 FREE BONUS when you:
💰 Install these recommended apps:
💲 SocialGood - 100% Crypto Back on Everyday Shopping
💲 xPortal - The DeFi For The Next Billion
💲 CryptoTab Browser - Lightweight, fast, and ready to mine!
💰 Register on these recommended exchanges:
🟡 Binance🟡 Bitfinex🟡 Bitmart🟡 Bittrex🟡 Bitget
🟡 CoinEx🟡 Crypto.com🟡 Gate.io🟡 Huobi🟡 Kucoin.
Comments