Failed NPM exploit highlights looming threat to crypto security: Exec

Ledger chief technology officer Charles Guillemet said that while the immediate danger had passed, the threat still exists.

A recent Node Package Manager (NPM) attack stole just $50 worth of crypto, but industry experts say the incident highlights ongoing vulnerabilities for exchanges and software wallets.

Charles Guillemet, the chief technology officer of hardware wallet company Ledger, said in a Tuesday X post that the attempted exploit was a “clear reminder” that software wallets and exchanges remain exposed to risks.  

If your funds sit in a software wallet or on an exchange, you’re one code execution away from losing everything,” he said, adding that supply-chain compromises remain a powerful malware delivery vector. 

Read more