NPM dependencies, supply chain attacks, and Bitcoin wallets

NPM dependencies, supply chain attacks, and Bitcoin wallets

The EventStream incident shows just how easily attackers can infiltrate the open source software supply chain by adding a malicious dependency to a trusted component. What happened with EventStream? On Nov. 20, 2018, it was discovered that EventStream, a highly popular JavaScript library, was compromised with the addition of a ... Read More