An illicit npm package called ‘crypto-encrypt-ts’ may appear to revive the unmaintained but vastly popular CryptoJS library, but what it actually does is peek into your crypto wallet and exfiltrate your secrets to threat actors.
First seen on securityboulevard.com
Jump to article: securityboulevard.com/2025/04/revived-cryptojs-library-is-a-crypto-stealer-in-disguise/
