112 matches found
Malicious code in solidity-coverage-plus (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 44e5a7775aa2bbde61d35a548198d976f9bdc6e9b11de33a2e28f6a6a9929de6 Package name impersonates the well-known solidity-coverage Hardhat plugin sc-forks and ships a verbatim copy of the upstream README. On...
Scammers Send Physical Phishing Letters to Steal Ledger Wallet Seed Phrases
Scammers are mailing fake Ledger phishing letters to users in Italy with QR codes that trick crypto wallet users into revealing seed phrases...
MAL-2026-3772 Malicious code in rimraf-utils (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a59d88d733415216903578b3c3806d76405a23a7cca56ee355eb6725e4e930d4 [email protected] impersonates the widely-installed rimraf package index.js is a dummy stub that internally identifies itself as 'lodash-js — Just a...
MAL-2026-3758 Malicious code in dotenvv-tool (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 79fd33c6e511ab11f10b1dae91e2f083f486dd020bbf2dca5256eabc904f61b7 Package name dotenvv-tool impersonates the popular dotenv package; index.js is an admitted dummy stub "The real payload is in postinstall.js". The...
JunoClaw 信息泄露漏洞
JunoClaw is a decentralized AI proxy platform developed by Dragonmonk111. Versions prior to JunoClaw 0.x.y-security-1 contained an information leakage vulnerability. This vulnerability stemmed from the fact that each MCP write tool accepted mnemonic phrases as explicit tool invocation parameters,...
Malicious code in eth-wallet-kit (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 3b0cce18986ec63fd689844cfc29b4023837d71b35b173a9cb08476c7575fcf2 The code automatically scans the filesystem looking for BIP-39 seed phrases and data indicating private keys, and exfiltrates them --- Category: MALICIOUS - Th...
MAL-2026-3389 Malicious code in eth-wallet-kit (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 3b0cce18986ec63fd689844cfc29b4023837d71b35b173a9cb08476c7575fcf2 The code automatically scans the filesystem looking for BIP-39 seed phrases and data indicating private keys, and exfiltrates them --- Category: MALICIOUS - Th...
MAL-2026-3392 Malicious code in wallet-scanner-pro (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 3c24dfc47c3ee1d37f4d7ec65a43d1f861422d7fb3ee6f8e8b6e6a85fe2b5120 The code automatically scans the filesystem looking for BIP-39 seed phrases and data indicating private keys, and exfiltrates them --- Category: MALICIOUS - Th...
Malicious code in wallet-scanner-pro (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 3c24dfc47c3ee1d37f4d7ec65a43d1f861422d7fb3ee6f8e8b6e6a85fe2b5120 The code automatically scans the filesystem looking for BIP-39 seed phrases and data indicating private keys, and exfiltrates them --- Category: MALICIOUS - Th...
MAL-2026-3391 Malicious code in tron-energy-sdk (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 84d2f533c52b85d9b3b4c27fe3863e57365308d49b7a412038b26047e6704450 The code automatically scans the filesystem looking for BIP-39 seed phrases and data indicating private keys, and exfiltrates them --- Category: MALICIOUS - Th...
Malicious code in tron-energy-sdk (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 84d2f533c52b85d9b3b4c27fe3863e57365308d49b7a412038b26047e6704450 The code automatically scans the filesystem looking for BIP-39 seed phrases and data indicating private keys, and exfiltrates them --- Category: MALICIOUS - Th...
MAL-2026-3388 Malicious code in crypto-bot-utils (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 3ece4ae851dba85751377f47097bd30525eafdcbf8cd08b57d2a06aa3a02b367 The code automatically scans the filesystem looking for BIP-39 seed phrases and data indicating private keys, and exfiltrates them --- Category: MALICIOUS - Th...
Malicious code in crypto-bot-utils (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 3ece4ae851dba85751377f47097bd30525eafdcbf8cd08b57d2a06aa3a02b367 The code automatically scans the filesystem looking for BIP-39 seed phrases and data indicating private keys, and exfiltrates them --- Category: MALICIOUS - Th...
Malicious code in web3-tool-sdk (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 9b0a2f82214baa91e572e7e7081cc863c213321d2a1f69cace704ce9b4a33e70 The code automatically scans the filesystem looking for BIP-39 seed phrases and data indicating private keys, and exfiltrates them --- Category: MALICIOUS - Th...
MAL-2026-3393 Malicious code in web3-tool-sdk (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 9b0a2f82214baa91e572e7e7081cc863c213321d2a1f69cace704ce9b4a33e70 The code automatically scans the filesystem looking for BIP-39 seed phrases and data indicating private keys, and exfiltrates them --- Category: MALICIOUS - Th...
Malicious code in solana-py-sdk (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 410be1fb5add67052173f65435e5dcc6c97d9eda056afa09c612e1afe242be47 The code automatically scans the filesystem looking for BIP-39 seed phrases and data indicating private keys, and exfiltrates them --- Category: MALICIOUS - Th...
MAL-2026-3390 Malicious code in solana-py-sdk (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 410be1fb5add67052173f65435e5dcc6c97d9eda056afa09c612e1afe242be47 The code automatically scans the filesystem looking for BIP-39 seed phrases and data indicating private keys, and exfiltrates them --- Category: MALICIOUS - Th...
MAL-2026-3383 Malicious code in wallet-utils-pro (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 1c6b0bc86ba79fbf578e23fb2eeb78129ba07b9a274e2e8f780b0d427065290e The code automatically scans the filesystem looking for BIP-39 seed phrases and data indicating private keys, and exfiltrates them --- Category: MALICIOUS - Th...
Malicious code in wallet-utils-pro (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 1c6b0bc86ba79fbf578e23fb2eeb78129ba07b9a274e2e8f780b0d427065290e The code automatically scans the filesystem looking for BIP-39 seed phrases and data indicating private keys, and exfiltrates them --- Category: MALICIOUS - Th...
MAL-2026-3381 Malicious code in solana-scanner (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 047a41b9a67bb975c2e98b31b5e13875569de5097f0b61bb5984e300687e03e3 The code automatically scans the filesystem looking for BIP-39 seed phrases and data indicating private keys, and exfiltrates them --- Category: MALICIOUS - Th...