MAL-2026-3182 Malicious code in redeem-onchain-sdk (npm)

redeem-onchain-sdk is a malicious npm package impersonating a Polymarket on-chain SDK. It collects SSH keys, AWS credentials, .npmrc tokens, Docker auth, Chrome saved logins, .env files, and a month of git commit history, then ships everything over a raw TCP socket to an AWS-hosted C2. Two trigge...

Malicious code in vue-sfc-require-hook (npm)

The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 7cfa99fb8cfe12fc2eeaa5922910fd5069600243483dcc96133e02c819e4d201 Any computer that has this package installed or running should be considered...