Revived CryptoJS library is a crypto stealer in disguise

by Ax Sharma on April 30, 2025

Revived CryptoJS library is a crypto stealer in disguise

An illicit npm package called ‘crypto-encrypt-ts‘ may appear to revive the unmaintained but vastly popular CryptoJS library, but what it actually does is peek into your crypto wallet and exfiltrate your secrets to threat actors.

*** This is a Security Bloggers Network syndicated blog from 2024 Sonatype Blog authored by Ax Sharma. Read the original post at: https://www.sonatype.com/blog/revived-cryptojs-library-is-a-crypto-stealer-in-disguise

April 30, 2025April 30, 2025 Ax Sharma 0 Comments Javascript, Malware, npm, Vulnerabilities

Revived CryptoJS library is a crypto stealer in disguise

GoPlus’s Latest Report Highlights How Blockchain Communities Are Leveraging Critical API Security Data To Mitigate Web3 Threats

C2A Security’s EVSec Risk Management and Automation Platform Gains Traction in Automotive Industry as Companies Seek to Efficiently Meet Regulatory Requirements

Zama Raises $73M in Series A Lead by Multicoin Capital and Protocol Labs to Commercialize Fully Homomorphic Encryption

RSM US Deploys Stellar Cyber Open XDR Platform to Secure Clients

ThreatHunter.ai Halts Hundreds of Attacks in the past 48 hours: Combating Ransomware and Nation-State Cyber Threats Head-On

Randall Munroe’s XKCD ‘Baker’s Units’