SlowMist: Supply Chain Attack Affects PyPI/npm/crates.io, Over 34 Malicious Packages Targeting Cryptography and AI Developers
BlockBeats News, May 25th, according to Slowmist, the security firm MistEye detected a cross-registry supply chain attack, where the attacker published malicious packages to npm, PyPI, and crates.io targeting developers in the cryptocurrency, DeFi, Solana, Sui/Move, and AI fields. The attack involved 34+ malicious packages and over 384 related versions.
The attacker could potentially steal cryptocurrency wallets, SSH keys, cloud credentials, GitHub/AWS tokens, browser data, environment variables, and developer sensitive information. Some malicious payloads also attempted persistence through .cursorrules, CLAUDE.md, Git hooks, shell hooks, cron, systemd, and SSH.
Developers are advised to immediately remove the affected packages, isolate affected systems, retain logs, rotate exposed credentials, rebuild CI/CD environments and developer machines from clean images, and review GitHub, cloud service, SSH, and wallet activity logs.
Disclaimer: The content of this article solely reflects the author's opinion and does not represent the platform in any capacity. This article is not intended to serve as a reference for making investment decisions.
You may also like
IOSG Ventures: Denies any connection with the addresses monitored by Onchainlens
Indian Finance Minister defends Modi's plan to implement austerity policies
Traders are heavily buying call options on Micron, with a premium reaching 1.41 million USD.
Trending news
MoreCrypto prices
More
