MAL-2026-3182 Malicious code in redeem-onchain-sdk (npm)

redeem-onchain-sdk is a malicious npm package impersonating a Polymarket on-chain SDK. It collects SSH keys, AWS credentials, .npmrc tokens, Docker auth, Chrome saved logins, .env files, and a month of git commit history, then ships everything over a raw TCP socket to an AWS-hosted C2. Two trigge...

MAL-2026-1963 Malicious code in polymarket-onchain (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2766ecc75c1eebb5fc12c56509494d72472b8b2a8a2c0ebdb296bdfbcc06023d The package polymarket-onchain was found to contain malicious code. Source: ghsa-malware...

Malicious Package

Overview polymarket-onchain is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...

Malicious code in polymarket-onchain (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2766ecc75c1eebb5fc12c56509494d72472b8b2a8a2c0ebdb296bdfbcc06023d The package polymarket-onchain was found to contain malicious code. Source: ghsa-malware...