SlowMist discovers cross registry supply chain attacks targeting developers

According to SlowMist monitoring, MistEye has detected that attackers have released over 34 malicious packages and 384 related versions through npm, PyPI, and Crate.io, targeting encryption, DeFi, Solana, Sui/Move, and AI developers. The attack involves stealing encrypted wallets, SSH keys, cloud credentials, and other data, and attempting to achieve persistence through various methods. SlowMist suggests removing affected packages, isolating the system, rotating credentials, and rebuilding the development environment from a clean image.