Malicious code in polymarket-claude-code (npm)

A coordinated supply-chain attack comprising 9 npm packages published by maintainer polymarketdev GitHub actor texsellix, repo texsellix/polymarket-trading-bot within a 2-minute window on 2026-05-20T23:30Z–23:32Z. All packages masquerade as legitimate Polymarket CLOB trading tools while...

Malicious code in polymarket-terminal (npm)

A coordinated supply-chain attack comprising 9 npm packages published by maintainer polymarketdev GitHub actor texsellix, repo texsellix/polymarket-trading-bot within a 2-minute window on 2026-05-20T23:30Z–23:32Z. All packages masquerade as legitimate Polymarket CLOB trading tools while...

Malicious code in polymarket-trading-cli (npm)

A coordinated supply-chain attack comprising 9 npm packages published by maintainer polymarketdev GitHub actor texsellix, repo texsellix/polymarket-trading-bot within a 2-minute window on 2026-05-20T23:30Z–23:32Z. All packages masquerade as legitimate Polymarket CLOB trading tools while...

Malicious code in ethrpc-keys (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 f086c363123d21b52dc28b5a642db6c1eb84e01dc519995435476b19655d63a9 The malicious code is in the ethrpc-keys package, which is a clone of legitimate eth-keys, but contains a modification that silently exfiltrates the user's...

Malicious Rust Crates Steal Solana and Ethereum Keys — 8,424 Downloads Confirmed

Cybersecurity researchers have discovered two malicious Rust crates impersonating a legitimate library called fastlog to steal Solana and Ethereum wallet keys from source code. The crates, named fasterlog and asyncprintln, were published by the threat actor under the alias rustguruman and...

MAL-2025-623 Malicious code in @nomicsfondation/hardhat-configs (npm)

This package exfiltrates sensitive Ethereum-related data such as mnemonics and private keys to an attacker-controlled server. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 72a47b5bdfeac96982433856ac791ab0638f2d6f64f388ceb2a284f35597c37a Any computer that has this...

CVE-2022-40769

profanity through 1.60 has only four billion possible RNG initializations. Thus, attackers can recover private keys from Ethereum vanity addresses and steal cryptocurrency, as exploited in the wild in June 2022...

Chrome Extension Stealing Cryptocurrency Keys and Passwords

A malicious Chrome extension surreptitiously steals Ethereum keys and passwords: According to Denley, the extension is dangerous to users in two ways. First, any funds ETH coins and ERC0-based tokens managed directly inside the extension are at risk. Denley says that the extension sends the priva...