Malicious packages for dYdX cryptocurrency exchange empties user wallets

Open source packages published on the npm and PyPI repositories were laced with code that stole wallet credentials from dYdX ...
PCMag

Another Week, Another Data Disaster: Substack, Coinbase, and a Malicious Notepad++ Update

If you have accounts on any of these services, now's a good time to check your security settings. Plus more from a busy week ...