律动BlockBeats
律动BlockBeats|May 25, 2026 08:15
[SlowMist: Supply Chain Attack Targets PyPI/npm/(crates.io), Over 34 Malicious Packages Aimed at Crypto and AI Developers] BlockBeats News, May 25: According to a disclosure by SlowMist, the security agency MistEye has detected a cross-registry supply chain attack. The attackers published malicious packages to npm, PyPI, and (crates.io), targeting developers in the cryptocurrency, DeFi, Solana, Sui/Move, and AI sectors. This attack involves over 34 malicious packages and more than 384 related versions. The attackers may steal cryptocurrency wallets, SSH keys, cloud credentials, GitHub/AWS tokens, browser data, environment variables, and developers' confidential information. Some malicious payloads also attempt to achieve persistent presence through .cursorrules, CLAUDE.md, Git hooks, shell hooks, cron, systemd, and SSH. Developers are advised to immediately remove affected packages, isolate impacted systems, preserve logs, rotate exposed credentials, rebuild CI environments and developer machines from clean images, and review activity logs for GitHub, cloud services, SSH, and wallets. [Original Link]
+3
Mentioned
Share To

Timeline

HotFlash

APP

X

Telegram

Facebook

Reddit

CopyLink

Hot Reads