URL has been copied successfully!
Solana FakeFix Campaign Plants Malicious npm, PyPI Packages to Steal Dev Secrets
URL has been copied successfully!

Collecting Cyber-News from over 60 sources

Solana FakeFix Campaign Plants Malicious npm, PyPI Packages to Steal Dev Secrets


Tags: , , , ,

Recent disclosure of the “Solana FakeFix” campaign exposes a coordinated supply-chain attack that abused package registries to steal developer secrets. The campaign comprises 16 malicious npm packages and 4 PyPI packages (25 packages in total when combined with related activity) that impersonated Solana tooling, lodged typosquatted names, and used install- and import-time execution to harvest […] The post Solana FakeFix Campaign Plants Malicious npm, PyPI Packages to Steal Dev Secrets appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

First seen on gbhackers.com

Jump to article: gbhackers.com/solana-fakefix-campaign/

Loading

Share via Email
Share on Facebook
Tweet on X (Twitter)
Share on Whatsapp
Share on LinkedIn
Share on Xing
Copy link

also interesting:

  1. AI development pipeline attacks expand CISOs’ software supply chain risk
  2. Threat Actors Exploit Open Source Packages to Deploy Malware in Supply Chain Attacks
  3. Weaponized PyPI Package Executes Supply Chain Attack to Steal Solana Private Keys
  4. 71% of CISOs hit with third-party security incident this year