Node-ipc supply chain attack targets crypto devs
Source: Mexc
Published:
<p>Three poisoned versions of node-ipc went live on the npm registry on May 14, according to SlowMist. Attackers hijacked a dormant maintainer account and pushed code designed to siphon developer credentials, private keys, exchange API secrets, the works, straight out of .env files.</p> <p>node-ipc