Compromised dYdX npm and PyPI Packages Deliver Wallet Stealers and RAT Malware

Compromised dYdX npm and PyPI Packages Deliver Wallet Stealers and RAT Malware

/in

Cybersecurity researchers have discovered a new supply chain attack in which legitimate packages on npm and the Python Package Index (PyPI) repository have been compromised to push malicious versions to facilitate wallet credential theft and remote code execution.
The compromised versions of the two packages are listed below –

@dydxprotocol/v4-client-js (npm) – 3.4.1, 1.22.1, 1.15.2, 1.0.31&

The Hacker News – ​Read More

‘DKnife’ Implant Used by Chinese Threat Actor for Adversary-in-the-Middle...Airrived Emerges From Stealth With $6.1 Million in Funding