SlowMist: Cross-registry supply chain attack detected, multiple malicious packages have affected crypto, AI, and other developer communities
Foresight News reports that SlowMist has issued a security alert stating that its MistEye system detected a cross-registry supply chain attack targeting developers. Malicious packages have been published to npm, PyPI, and Crates.io, involving more than 34 malicious packages and over 384 related versions. Possible attacker actions include stealing crypto wallets, SSH keys, cloud credentials, GitHub/AWS tokens, browser data, environment variables, and developer keys.
The affected developer communities include crypto, DeFi, Solana, Sui/Move, and AI. Some malicious packages also attempt to establish persistence via .cursorrules, CLAUDE.md, Git hooks, shell hooks, cron, systemd, and SSH. SlowMist recommends immediately removing affected packages, isolating infected systems, rotating exposed credentials, rebuilding CI runners and developer machines from clean images, and conducting a comprehensive review of GitHub, cloud service, SSH, and wallet activity records.
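As an added triage example (not from SlowMist or Foresight News), the function below lists recently modified files at the persistence locations named above so they can be reviewed by hand. The function name `audit_persistence` is hypothetical and the paths are common defaults assumed here, not indicators from the alert; a hit means the file changed recently, not that it is malicious.

```shell
#!/usr/bin/env bash
# Added example: inventory of the persistence locations named in the alert.
# Paths are common defaults (assumption), not indicators published by SlowMist.
# Usage: audit_persistence "$HOME" 14   -> files changed in the last 14 days

audit_persistence() {
  local root="${1:-$HOME}"
  local days="${2:-30}"
  local p

  # AI-assistant instruction files and Git hooks in any checkout under root.
  # Stock *.sample hooks are inactive, so they are skipped.
  find "$root" -type f -mtime "-$days" \
    \( -name .cursorrules -o -name CLAUDE.md \
       -o \( -path '*/.git/hooks/*' ! -name '*.sample' \) \) \
    -print 2>/dev/null || true

  # Shell start-up files, SSH access files and per-user systemd units.
  for p in .bashrc .bash_profile .profile .zshrc .zprofile \
           .ssh/authorized_keys .ssh/config .config/systemd/user; do
    [ -e "$root/$p" ] || continue
    find "$root/$p" -type f -mtime "-$days" -print 2>/dev/null || true
  done

  # The user's crontab is stored outside the home directory; print its
  # active (non-comment) lines when auditing the current user's home.
  if [ "$root" = "$HOME" ] && command -v crontab >/dev/null 2>&1; then
    crontab -l 2>/dev/null | grep -v '^[[:space:]]*#' | sed 's/^/cron: /'
  fi
  return 0
}
```

Run it on a machine that is being kept for forensics; per the recommendation above, affected developer machines and CI runners are rebuilt from clean images rather than cleaned in place.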
