Malicious Package

Overview wallet-security-checker is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this packa...

Malicious code in wallet-security-checker (npm)

A coordinated supply-chain attack comprising 10 npm packages published by maintainer ddjidd5640 [email protected] within a 48-hour window 2026-05-19T03:55Z – 2026-05-21T04:31Z. All packages masquerade as legitimate Web3/DeFi developer security tools MCP servers while silently exfiltrating...

Malicious code in tron-energy-sdk (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 84d2f533c52b85d9b3b4c27fe3863e57365308d49b7a412038b26047e6704450 The code automatically scans the filesystem looking for BIP-39 seed phrases and data indicating private keys, and exfiltrates them --- Category: MALICIOUS - Th...

Malicious code in crypto-wallet-utils (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 1e40a039f63743a1d3c20fb312ecd2ecb1e47fe20c6787efa0a3f0f441ad5828 The code automatically scans the filesystem looking for BIP-39 seed phrases and data indicating private keys, and exfiltrates them --- Category: MALICIOUS - Th...

CVE-2013-7372

The engineNextBytes function in classlib/modules/security/src/main/java/common/org/apache/harmony/security/provider/crypto/SHA1PRNGSecureRandomImpl.java in the SecureRandom implementation in Apache Harmony through 6.0M3, as used in the Java Cryptography Architecture JCA in Android before 4.4 and...

EUVD-2019-8388

Malware in sbrugna...

EUVD-2025-19667

Malicious code in bioql PyPI...

Wallets As Universal Access Devices

Wallets are access points for the digital economys value creation. Wallets for blockchains store the end-users cryptographic keys for administrating their digital assets and enable access to blockchain Web3 systems. Web3 delivers new service opportunities. This chapter focuses on the Web3 enabled...

CVE-2025-52294

CVE-2025-52294 affects Trust Wallet v8.45 and is described as insufficient validation of the screen lock mechanism, allowing physically proximate attackers to bypass the lock screen and view the wallet balance. The CVSS 3.1 vector (AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L) yields a base score of 5.7 (...

CVE-2025-5719

The wallet has an authentication bypass vulnerability that allows access to specific pages...

Steer clear of cryptocurrency recovery phrase scams

The dangers of cryptocurrency phishing are back in the news, after tech investor Mark Cuban was reported to have lost around $870k via a phishing link. Cuban lost a combination of coin types as asset movement flagged up after months of inactivity from his wallet. Cuban discovered some of the...

Lindell17 TSS Injection Vulnerability

tss-lib is an open source IO FinNet implementation of the multi-party t,n- threshold ECDSA Elliptic Curve Digital Signature Algorithm based on Gennaro and Goldfeder 20201 and EdDSA Edwards Curve Digital Signature Algorithm. A security vulnerability exists in Lindell17 TSS that stems from allowing...

Anyone can permanently disable the token guardian for their wallet by calling this one DANGER__disableTokenGuardian function

Lines of code Vulnerability details Impact A hacker could call DANGERdisableTokenGuardian, instantly disable the guardian and steal tokens or make malicious approvals Proof of Concept The DANGERdisableTokenGuardian function is risky and should be reconsidered. The main issue is that it allows...

CVE-2023-31290

CVE-2023-31290 affects Trust Wallet Core prior to 3.1.1 used in the Trust Wallet browser extension prior to 0.0.183. The root cause is insufficient entropy: mt19937 seed uses a single 32-bit value, yielding only 4 billion possible mnemonics. Affected browser-extension versions are 0.0.172–0.0.182...

MAL-2023-2330 Malicious code in tkcallendar (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: checkmarx 091da316c04a67c06230fcacc589735925c578c581ac5e4b53f9559824035fca Attacker distributed 900+ malicious packages via PyPi, infecting local browsers with malicious extension to manipulate clipboard and replace crypto wallet...

MAL-2023-2441 Malicious code in xlxswriter (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: checkmarx a6d7b20c5b24a04f16ca2dd94a574502739f7a98a83a7ee842048bcd68fa9a84 Attacker distributed 900+ malicious packages via PyPi, infecting local browsers with malicious extension to manipulate clipboard and replace crypto wallet...

MAL-2023-1891 Malicious code in lcick (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: checkmarx 9e25a9d33bda3ebfd71312605b236dd37d82a17657ff57c2054436b598312c7f Attacker distributed 900+ malicious packages via PyPi, infecting local browsers with malicious extension to manipulate clipboard and replace crypto wallet...

Malicious code in websocket-clint (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: checkmarx e2ed5b9c8a0271395a5e0407624dd18f8b28071aee5588b73ad595d0d126499a Attacker distributed 900+ malicious packages via PyPi, infecting local browsers with malicious extension to manipulate clipboard and replace crypto wallet...

MAL-2023-1842 Malicious code in freqtrae (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: checkmarx 1708a789c030147e2c6d464a5d694826c3b742fbfde84df3a691971cb4ca36de Attacker distributed 900+ malicious packages via PyPi, infecting local browsers with malicious extension to manipulate clipboard and replace crypto wallet...

In cryptoland, trust can be costly

While the legal status of cryptocurrencies and laws to regulate them continue to be hammered out, scammers are busy exploiting the digital gold rush. Besides hacking cryptocurrency exchanges, exploiting smart-contract vulnerabilities, and deploying malicious miners, cybercriminals are also...