Malicious code in solana-cli-py (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 80ee640ddeeacc31a125ec0fcc11dcb5f9a23e18f5ed003ce2dfcb1de8bbe1dd On import solanaclipy, the package's top-level init.py unconditionally invokes report, which harvests standard developer-side secret material and POS...

Malicious code in spl-token-py (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e05ba3043dc87365ee0b1dc44cc58243b34b6cdccdf258c5bb9218a06a65d336 On import spltokenpy, the package's init.py collects sensitive files from the installer's machine — /.config/solana/id.json Solana wallet key,...

Vidar Infostealer Spreads via Fake CAPTCHAs, Hides in JPEG and TXT Files

New version of Vidar infostealer spreads via fake CAPTCHAs, hides in JPEG and TXT files, uses fileless attacks and steals browser, crypto wallet data...

MAL-2026-2508 Malicious code in @fairwords/websocket (npm)

The @fairwords/websocket package was compromised as part of the TeamPCP/CanisterWorm campaign. A postinstall hook executes node scripts/check-env.js || true which performs multi-stage credential harvesting, encrypted exfiltration, and self-propagation. The payload harvests 40+ environment variabl...

TeamPCP Hits Trivy, Checkmarx, and LiteLLM in Credential Theft Campaign

Hackers compromised Trivy, Checkmarx, and LiteLLM in a supply chain attack, stealing cloud credentials, tokens, and crypto wallet data from developers...

Malicious code in license-utils-kit (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 eb0116c55754c947c819c966f213a99864511536a414619cf3154b89be59f9e8 Malicious clone of legitimate "license" package. When using the findbykey function, the malicious code from strongly obfuscated files is loaded. It then at lea...

Golden Chickens Deploy TerraStealerV2 to Steal Browser Credentials and Crypto Wallet Data

The threat actors known as Golden Chickens have been attributed to two new malware families dubbed TerraStealerV2 and TerraLogger, suggesting continued development efforts to fine-tune and diversify their arsenal. "TerraStealerV2 is designed to collect browser credentials, cryptocurrency wallet...

Researchers Discover Numerous Samples of Information Stealer 'Stealc' in the Wild

A new information stealer called Stealc that's being advertised on the dark web could emerge as a worthy competitor to other malware of its ilk. "The threat actor presents Stealc as a fully featured and ready-to-use stealer, whose development relied on Vidar, Raccoon, Mars, and RedLine stealers,"...

Kraken botnet bypass Windows Defender to steal crypto wallet data

By Deeba Ahmed Kraken botnet utilizes SmokeLoader malware, and its operators have already been raking in around $3,000 per month. ZeroFox… This is a post from HackRead.com Read the original post: Kraken botnet bypass Windows Defender to steal crypto wallet data...

Fake KPSPico Windows activator tool KPSPico steals crypto wallet data

By Waqas Watch out for fake and malicious KMSPico Windows activator used in spreading CrypBot malware to steal crypto wallets' data. This is a post from HackRead.com Read the original post: Fake KPSPico Windows activator tool KPSPico steals crypto wallet data...