[SlowMist: Cross-Platform Supply Chain Attack Targeting Crypto Developers Detected, Involving Over 34 Malicious Packages] Odaily Planet Daily reports that, according to monitoring by SlowMist, MistEye has detected a cross-registry supply chain attack targeting developers. The attackers carried out the attack by publishing malicious packages via npm, PyPI, and Crates.io. This attack involves over 34 malicious packages and more than 384 related versions, targeting communities including crypto, DeFi, Solana, Sui/Move, and AI developers. Potential malicious actions by the attackers include stealing crypto wallets, SSH keys, cloud credentials, GitHub/AWS tokens, browser data, environment variables, and developer keys. Some payloads also attempt to achieve persistence through cursorrules, CLAUDE.md, Git hooks, Shell hooks, cron, systemd, and SSH. SlowMist recommends immediately removing affected packages, isolating impacted systems, preserving logs, rotating exposed credentials, rebuilding CI runners and developer machines from clean images, and reviewing activities on GitHub, cloud services, SSH, and wallets.