Valkyri Security

18 Popular npm Packages Hacked: 2 Billion Weekly Users at Risk

On September 8, 2025, the npm ecosystem experienced a major coordinated supply-chain attack. A total of 18 widely-used JavaScript packages were compromised with malicious code designed to intercept cryptocurrency transactions in browsers. These packages collectively see over 2 billion weekly downloads, making this incident one of the most impactful attacks

How to Hack a Web3 Wallet (Legally): A Full-Stack Pentesting Guide

INTRODUCTION Crypto wallets are the critical bridge (or gateway) between Web2 and Web3 by which you interact with web3 based dApps. . But what if the very tool you rely on has hidden security flaws? That’s a serious risk. This guide is your essential companion for uncovering bugs in crypto