- SOL0%
- SUI0%
BlockBeats News, May 25th, according to Slowmist, the security firm MistEye detected a cross-registry supply chain attack, where the attacker published malicious packages to npm, PyPI, and crates.io targeting developers in the cryptocurrency, DeFi, Solana, Sui/Move, and AI fields. The attack involved 34+ malicious packages and over 384 related versions.
The attacker could potentially steal cryptocurrency wallets, SSH keys, cloud credentials, GitHub/AWS tokens, browser data, environment variables, and developer sensitive information. Some malicious payloads also attempted persistence through .cursorrules, CLAUDE.md, Git hooks, shell hooks, cron, systemd, and SSH.
Developers are advised to immediately remove the affected packages, isolate affected systems, retain logs, rotate exposed credentials, rebuild CI/CD environments and developer machines from clean images, and review GitHub, cloud service, SSH, and wallet activity logs.
免責聲明:當前內容均來自第三方觀點或由AI直接翻譯第三方觀點,CoinEx不保證內容的真實性、準確性和原創性,不構成CoinEx相關的任何投資建議。數字資產價格波動劇烈,請注意潛在風險。
- 幣種價格24H漲跌