Your browser does not support the audio element.
bitnasdaq-logo
  • ···
  • Buy Crypto
  • ···
  • Futures
  • ···
  • Trade
  • ···
  • Market
  • ···
  • Mining
  • ···
  • Financial
  • ···

Announcement

Help Center>News>Posts>

🚨Another NPM supply chain attack `@ctrl/tinycolor` (2.2M w

360degreemarketing

Updated at: 2 hours ago

{"content":"🚨Another NPM supply chain attack `@ctrl/tinycolor` (2.2M weekly downloads) shipped malicious versions that run an infostealer during npm postinstall to scan for and exfiltrate sensitive data. The payload abuses TruffleHog, a legitimate secret scanner. Check if you pulled affected versions, pause installs/updates, and pin to known-good releases.","images":["https://d2kdcqywr8ua22.cloudfront.net/uploadfile/article/blog/2025092025/09/16/a2b5f0a4b2914352995857e14bcf918f.png"],"tags":[],"tradingPairs":[],"quotearticleid":0}

Related Articles

  • Guys, I keep saying — don’t miss this dip! Buy as much as yo
  • 🚨BREAKING: 🇺🇸 S&P 500 closed above 6,600 for the first t
  • [Preview of this Week's Binance Square Live Trading Broadcas
  • Guys, the market has dropped hard and is looking really low
  • $TRUMP {spot}(TRUMPUSDT) What should I do Please Experts Gu
  • Solana Pulls Back 📉 Healthy Dip or Start of Bigger Correct
  • 🚀 CAN $10 IN $BTTC REALLY 10,000x YOUR PORTFOLIO? 🚀 Let’
  • 🔥 ELON MUSK JUST SHOOK THE WORLD! 🔥 Elon Musk didn’t just
  • profit increase 🤪🤪#Tnsr #doge My trasted coin whats your 🪙🪙🪙🪙🪙???
  • please guide me Biggest loss