Malicious code in ethereum-kit-9 (npm)

Crypto/SSH/wallet stealer, blockchain-helper-0 campaign sibling c960+. postinstall auto-execs, src/index.js harvests /.ssh/idrsa+ided25519+Sol/Eth/BTC/Tron/Sui/Aptos wallets+.env+seeds, self-labels "CRYPTO STEALER", exfils to SAME Telegram bot 8227918239 chat 6433587894 not rotated. Campaign now...

Malicious code in coffin-codes-net (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 df624a59b2cb5ef5cf295a7e63718bf7938250f59c5cda19bb6f43c40824e99b So far, it looks like a legit tunneling software, but in tcp.py there is an attempt to send a strange email using gmail. Update: Identified as malicious by...