Researchers from Checkmarx discovered a supply chain attack in the Node Package Manager (NPM) ecosystem that blends malware with blockchain technology for command-and-control operations. The malicious package, “jest-fet-mock”, is disguised as a JavaScript testing tool and targets developers. On infected systems, the malware leverages information from Ethereum smart contracts and communicates with a command server, maintaining a resilient infrastructure. This innovative use of blockchain makes the operation difficult for traditional cybersecurity methods to detect or remove. Checkmarx has urged developers to improve security protocols to prevent similar breaches.
