ENS Npm Packages Compromised in Supply Chain Cyberattack Affecting 400 Libraries

A supply chain cyberattack compromised over 400 npm code libraries, impacting Ethereum Name Service (ENS) and other platforms like Zapier, PostHog, and Postman. ENS Labs confirmed that user assets and domain names are unaffected, updating package versions and security credentials.

Compromised packages include gate-evm-check-code2, evm-checkcode-cli, create-hardhat3-app, and coinmarketcap-api.
The attack involves malicious packages uploaded between Nov. 21-23, stealing developer passwords and tokens from GitHub and npm.
If unable to steal data, the malware may erase files in the user's home directory.

Developers who installed ENS packages shortly after the breach need to delete node_modules folders, clear npm cache, and change credentials. GitHub is removing malicious repositories, but new threats continue to emerge.