吴说区块链|Mar 28, 2026 01:55
According to security company Socket, researchers have discovered 5 malicious npm packages targeting Ethereum and Solana developers. These packages use typosquatting (name impersonation) to trick users into installing them, stealing private keys and sending them back to attackers via Telegram. Four of the packages target Solana, while one targets Ethereum. The malicious packages hijack critical functions called by developers, uploading private key data before returning normal results. Researchers have submitted takedown requests to npm and advised affected users to immediately transfer assets tied to compromised private keys. (Cryptopolitan)
https://www.(wublock123.com)/index.php?m=content&c=index&a=show&catid=6&id=58734
Share To
HotFlash
APP
X
Telegram
CopyLink