Multiple crypto packages hijacked, turned into info-stealers

by Ax Sharma on March 27, 2025

Multiple crypto packages hijacked, turned into info-stealers

Sonatype has identified multiple npm cryptocurrency packages, latest versions of which have been hijacked and altered to steal sensitive information such as environment variables from the target victims.

*** This is a Security Bloggers Network syndicated blog from 2024 Sonatype Blog authored by Ax Sharma. Read the original post at: https://www.sonatype.com/blog/multiple-crypto-packages-hijacked-turned-into-info-stealers

March 27, 2025March 27, 2025 Ax Sharma Malware, npm, Vulnerabilities

Multiple crypto packages hijacked, turned into info-stealers

GoPlus’s Latest Report Highlights How Blockchain Communities Are Leveraging Critical API Security Data To Mitigate Web3 Threats

C2A Security’s EVSec Risk Management and Automation Platform Gains Traction in Automotive Industry as Companies Seek to Efficiently Meet Regulatory Requirements

Zama Raises $73M in Series A Lead by Multicoin Capital and Protocol Labs to Commercialize Fully Homomorphic Encryption

RSM US Deploys Stellar Cyber Open XDR Platform to Secure Clients

ThreatHunter.ai Halts Hundreds of Attacks in the past 48 hours: Combating Ransomware and Nation-State Cyber Threats Head-On

Warning to US Retail: ‘Scattered Spider’ Targets YOU (with DragonForce Ransomware)