The NPM package "@ctrl/tinycolor" was attacked by supply chain, containing malicious information stolen

Related News

• The NPM package "@ctrl/tinycolor" with a weekly download volume of 2.2 million times was attacked by the supply chain, containing a malicious information stealer
  ChainCatcher 2025-09-16 09:53:05
• The NPM package "@ctrl/tinycolor" with a weekly download volume of 2.2 million times was attacked by the supply chain, containing a malicious information stealer
  BlockBeats 2025-09-16 09:52:09
• The NPM package "@ctrl/tinycolor" with a weekly download volume of 2.2 million times was attacked by the supply chain, containing a malicious information stealer
  Odaily 2025-09-16 09:39:08
• Another attack on the NPM supply chain: @ctrl/tinycolor releases a malicious version
  CoinWorld 2025-09-16 09:36:03
• An attack on the NPM supply chain has occurred again, @ctrl/tinycolor releases a malicious version
  ChainCatcher 2025-09-16 09:32:03
• An attack on the NPM supply chain occurred again, @ctrl/tinycolor released a malicious version
  PANews 2025-09-16 09:31:33