Your browser does not support the audio element.
bitnasdaq-logo
  • ···
  • Buy Crypto
  • ···
  • Futures
  • ···
  • Trade
  • ···
  • Market
  • ···
  • Mining
  • ···
  • Financial
  • ···

Announcement

Help Center>News>Posts>

🚨Another NPM supply chain attack `@ctrl/tinycolor` (2.2M w

360degreemarketing

Updated at: 4 hours ago

{"content":"🚨Another NPM supply chain attack `@ctrl/tinycolor` (2.2M weekly downloads) shipped malicious versions that run an infostealer during npm postinstall to scan for and exfiltrate sensitive data. The payload abuses TruffleHog, a legitimate secret scanner. Check if you pulled affected versions, pause installs/updates, and pin to known-good releases.","images":["https://d2kdcqywr8ua22.cloudfront.net/uploadfile/article/blog/2025092025/09/16/a2b5f0a4b2914352995857e14bcf918f.png"],"tags":[],"tradingPairs":[],"quotearticleid":0}

Related Articles

  • 🚨🇺🇸BREAKING: AMERICAN EXPRESS GOES CRYPTO WITH BLOCKCHAIN
  • [Preview of this Week's Binance Square Live Trading Broadcas
  • $XRP All tps hit #successfully 🤩🥳💪🤝 How much profit did
  • $IMX /USDT (4H chart) 👇 🎯 Resistance Levels R1: 0.75 R
  • 🚨BITCOIN’S Q4 PLAYBOOK IS PROGRAMMED. September green has
  • Is $XRP going to reach $10,000?!?! #TRUMP #xrp #crypto #Investing #Finance $TRUMP
  • Boooooooooooooooom 🥰🥰😍😍😍😍 $ETH $SOL $1000FLOKI
  • The Oracle That Links All Chains: Pyth Network @PythNetwork
  • 🚨Did you know? Strategy now controls over 3% of the entire
  • One day I'll be a rich man. Insha Allah🥰 . it's just all ab