Supply chain attacks affect PyPI/npm/crates.io, with over 34 malicious packages targeting cryptocurrency and AI developers
By: rootdata|2026/05/26 04:45:01
0
Share
According to Slow Fog's disclosure, the security agency MistEye detected a cross-registry supply chain attack incident, where attackers targeted developers in the fields of cryptocurrency, DeFi, Solana, Sui/Move, and AI by publishing malicious packages on npm, PyPI, and crates.io. This attack activity includes more than 34 malicious packages and over 384 related versions. The attackers may steal cryptocurrency wallets, SSH keys, cloud credentials, GitHub/AWS tokens, browser data, environment variables, and developers' confidential information.
Some of the malicious payloads also attempted to achieve persistence through .cursorrules, CLAUDE.md, Git hooks, shell hooks, cron, systemd, and SSH. Developers are advised to immediately remove the affected packages, isolate the affected systems, retain logs, rotate exposed credentials, rebuild CI environments and developer machines from clean images, and review GitHub, cloud services, SSH, and wallet activity logs.
You may also like
A Perspective on the Indian Cryptocurrency Market: Descending into Silence or Moving Towards Maturity?
The Indian cryptocurrency industry has not gone silent; it is steadily maturing towards diversification.
It took me a year to see the painful truth about Agent payments
Among the four major tracks of Agent purchasing, Agent API, Agent inter-payment, and Agent finance, currently only Agent finance has real users and willingness to pay. But worse than having no demand is that the real competition point has never been payment...
Morning News | Bitmine issues preferred shares to raise $300 million; Polymarket accuses Kalshi of industrial espionage
Overview of Important Market Events on June 4th
Privacy coin trust crisis! ZEC plummets over 56% in a single day
The recent increase in ZEC is nearly 3 times, and the vulnerability news may have just provided an opportunity to exit.
Who is leading the price discovery in the cryptocurrency market? Measured delays on platforms like Binance and Hyperliquid
There is a saying circulating on crypto Twitter: Hyperliquid has replaced Binance and become the center of crypto price discovery. Arrakis conducted a cross-platform test using the tick-by-tick transaction data from 29 perpetual markets, and the truth lies within milliseconds.
Anthropic launches IPO: Business miracle or valuation bubble?
Human economy is transitioning from a carbon-based drive to a dual-engine drive of carbon-based and silicon-based, which is what is truly happening behind Anthropic's IPO.
What Is SpaceX IPO and Why Is Everyone Talking About It?
What is SpaceX IPO? Learn why investors are watching SpaceX's potential $1.77 trillion public debut, from Starlink and AI to Mars ambitions, valuation risks, and pre-IPO trading opportunities.
Macroeconomic Analysis of the African Payment Market Landscape
Why mobile payments and cryptocurrencies thrive in the absence of banks
Morning Report | Coinbase Ventures makes its first investment in ENA; SpaceX plans to set the IPO price at $135 per share
Overview of Important Market Events on June 3rd
Full text and analysis of the speech by the CEO of SanDisk at the 42nd Annual Strategic Decision Conference of Bernstein
The core value of Goeckeler's speech lies in its provision of a highly transparent and logically clear narrative framework for corporate transformation.
Bitcoin Price Prediction 2030: Ark Invest Forecasts $710K
Explore Ark Invest and Standard Chartered bitcoin price prediction 2030 forecasts, plus key risks and how to position your portfolio. Full analysis on WEEX.
WEEX Review 2026: Fees, Security and Trading Features
Read our in-depth WEEX review covering fees, security, copy trading, and 400x leverage. See how it compares to Binance and Bybit. Full analysis on WEEX.
SOL Price Today: Live Solana Price, Charts & Market Data
Find the SOL price today with real-time data, plus key drivers behind Solana's movement and actionable trading tips. Read the full analysis on WEEX.
What Is a Bitcoin ETF: Spot vs Futures Explained
Learn what a Bitcoin ETF is, how spot vs. futures ETFs work, and why institutional inflows are reshaping BTC in 2026. WEEX analysis.
Why Is Bitcoin Dropping 15% While Nasdaq Hits Record Highs?
Bitcoin plunges 15% to $66K amid geopolitical tension fears while Nasdaq soars to all-time highs. Analysis of macroeconomic drivers, ETF flows, retail vs. whale behavior, and the hidden correlation between crypto and stocks.
Morning Report | Robinhood completes acquisition of WonderFi for $180 million; Anthropic submits IPO draft application to SEC confidentially; Google plans to raise $80 billion in financing
Overview of Important Market Events on June 2nd
Why do I still have confidence in ETH?
As stablecoins and RWAs accelerate on-chain, Ethereum's role as a global value settlement layer has only just begun, and the market will eventually reprice ETH.
CRCL surges and plummets, COIN follows with a dive: The real battle for interests behind the CLARITY Act
The leak of the CLARITY bill draft has triggered a plunge in Circle and Coinbase, directly hitting the core provision of the stablecoin "ban on interest," revealing the deep political and economic game in Washington's strict prevention of stablecoins evolving into on-chain savings accounts and the c...
A Perspective on the Indian Cryptocurrency Market: Descending into Silence or Moving Towards Maturity?
The Indian cryptocurrency industry has not gone silent; it is steadily maturing towards diversification.
It took me a year to see the painful truth about Agent payments
Among the four major tracks of Agent purchasing, Agent API, Agent inter-payment, and Agent finance, currently only Agent finance has real users and willingness to pay. But worse than having no demand is that the real competition point has never been payment...
Morning News | Bitmine issues preferred shares to raise $300 million; Polymarket accuses Kalshi of industrial espionage
Overview of Important Market Events on June 4th
Privacy coin trust crisis! ZEC plummets over 56% in a single day
The recent increase in ZEC is nearly 3 times, and the vulnerability news may have just provided an opportunity to exit.
Who is leading the price discovery in the cryptocurrency market? Measured delays on platforms like Binance and Hyperliquid
There is a saying circulating on crypto Twitter: Hyperliquid has replaced Binance and become the center of crypto price discovery. Arrakis conducted a cross-platform test using the tick-by-tick transaction data from 29 perpetual markets, and the truth lies within milliseconds.
Anthropic launches IPO: Business miracle or valuation bubble?
Human economy is transitioning from a carbon-based drive to a dual-engine drive of carbon-based and silicon-based, which is what is truly happening behind Anthropic's IPO.
Customer Support:@weikecs
Business Cooperation:@weikecs
Quant Trading & MM:bd@weex.com
VIP Program:support@weex.com
