npm Ecosystem Targeted by 30 Malicious Package Attacks
A coordinated supply chain attack has targeted the npm ecosystem with 30 malicious packages, according to a SlowMist Security Alert. The attackers distributed JavaScript infostealers through fake trading bot repositories and DeFi-themed npm packages. The stake-math@3.5.4 package was identified as a locked dependency of the donoaccestag/forex-mt5-trading-bot repository, which showed signs of anomalies, with about 23,000 similar forked repositories under the poly-stocks account.
The attack risks theft of sensitive data, including crypto wallets, browser cookies, passwords, developer credentials, private keys, seed phrases, and API tokens. Developers are advised to remove affected packages, audit dependencies and CI logs, treat systems that have run npm install as compromised, rotate exposed credentials, and rebuild environments from clean images.
Disclaimer: The content provided on Phemex News is for informational purposes only. We do not guarantee the quality, accuracy, or completeness of the information sourced from third-party articles. The content on this page does not constitute financial or investment advice. We strongly encourage you to conduct your own research and consult with a qualified financial advisor before making any investment decisions.
