PANews reported on September 16th that Scam Sniffer detected another attack targeting the NPM supply chain. @ctrl/tinycolor (downloaded 2.2 million times weekly) released a malicious version that runs an information stealer during npm's postinstall script to scan for and steal sensitive data. This malicious payload abuses the legitimate sensitive information scanning tool TruffleHog. Please check if you have downloaded the affected version, suspend installation/updates, and pin to a known safe version.PANews reported on September 16th that Scam Sniffer detected another attack targeting the NPM supply chain. @ctrl/tinycolor (downloaded 2.2 million times weekly) released a malicious version that runs an information stealer during npm's postinstall script to scan for and steal sensitive data. This malicious payload abuses the legitimate sensitive information scanning tool TruffleHog. Please check if you have downloaded the affected version, suspend installation/updates, and pin to a known safe version.
Another attack on the NPM supply chain: @ctrl/tinycolor releases a malicious version
PANews reported on September 16th that Scam Sniffer detected another attack targeting the NPM supply chain. @ctrl/tinycolor (downloaded 2.2 million times weekly) released a malicious version that runs an information stealer during npm's postinstall script to scan for and steal sensitive data. This malicious payload abuses the legitimate sensitive information scanning tool TruffleHog. Please check if you have downloaded the affected version, suspend installation/updates, and pin to a known safe version.
Piyasa Fırsatı
PinLink Fiyatı(PIN)
$0.1013
$0.1013$0.1013
USD
PinLink (PIN) Canlı Fiyat Grafiği
Sorumluluk Reddi: Bu sitede yeniden yayınlanan makaleler, halka açık platformlardan alınmıştır ve yalnızca bilgilendirme amaçlıdır. MEXC'nin görüşlerini yansıtmayabilir. Tüm hakları telif sahiplerine aittir. Herhangi bir içeriğin üçüncü taraf haklarını ihlal ettiğini düşünüyorsanız, kaldırılması için lütfen [email protected] ile iletişime geçin. MEXC, içeriğin doğruluğu, eksiksizliği veya güncelliği konusunda hiçbir garanti vermez ve sağlanan bilgilere dayalı olarak alınan herhangi bir eylemden sorumlu değildir. İçerik, finansal, yasal veya diğer profesyonel tavsiye niteliğinde değildir ve MEXC tarafından bir tavsiye veya onay olarak değerlendirilmemelidir.
Ayrıca Şunları da Beğenebilirsiniz
Social engineering kost crypto miljarden in 2025
De grootste dreiging voor crypto zit niet altijd in bugs of fouten in de code. Vaak gaat het fout bij mensen zelf. Nieuwe cijfers over 2025 laten zien hoe misleiding
Paylaş
Coinstats2025/12/26 03:01
Christmas Stocking Stuffers? Don't Ignore These Bitcoin Mining Stocks That Gave Impressive Returns In 2025
Christmas brings cheer, cakes and cozy vibes, but it can also be a perfect time for kicking off investments you may not have considered before.read more
Paylaş
Coinstats2025/12/26 03:01
Academic Publishing and Fairness: A Game-Theoretic Model of Peer-Review Bias
Exploring how biases in the peer-review system impact researchers' choices, showing how principles of fairness relate to the production of scientific knowledge based on topic importance and hardness.
Paylaş
Hackernoon2025/09/17 23:15