18 Popular npm Packages Compromised in Attack

Aikido Security detected a series of packages being pushed to npm that appeared to contain malicious code, according to a post by Charlie Eriksen, a security researcher with the firm.

These were 18 popular packages with more than 2 billion downloads per week, according to Eriksen.

“The packages were updated to contain a piece of code that would be executed on the client of a website, which silently intercepts crypto and web3 activity in the browser, manipulates wallet interactions, and rewrites payment destinations so that funds and…