Supply Chain Attack Targets npm and PyPI Packages

Cybersecurity researchers have uncovered a new supply chain attack where legitimate packages on npm and the Python Package Index (PyPI) repository have been compromised. The attackers pushed malicious versions of these packages to facilitate wallet credential theft and remote code execution.

The compromised packages are part of the dYdX protocol, a decentralized exchange (DEX) that allows users to trade cryptocurrencies. The affected packages include:

  • @dydxprotocol/v4-client-js (npm) - versions 3.4.1, 1.22.1, 1.15.2, and 1.0.31

The malicious packages deliver wallet stealers and RAT (Remote Access Trojan) malware, which can lead to significant financial losses and unauthorized access to sensitive information. Users who have installed these packages are advised to take immediate action to mitigate the threat.

To protect themselves, users should update the affected packages to the latest version, monitor their wallet activity, and enable two-factor authentication to prevent unauthorized access. Developers should also keep their dependencies up to date and follow secure package management practices to prevent similar attacks in the future.
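The first concrete step for a developer is to find out whether any of the compromised versions are actually present in a project's dependency tree. The script below is an added example (not code from the article or from the dYdX project) that scans an npm package-lock.json for the versions named above; the lockfile content is constructed for the demonstration, and the function names are this example's own.

```python
"""Scan an npm package-lock.json for known-compromised package versions.

Added example: the denylist carries only the versions the article names for
@dydxprotocol/v4-client-js; the sample lockfile is constructed for the demo and
the helper names (iter_lock_entries, find_compromised) are this example's own.
"""
import json

# Versions the article reports as malicious. Extend from a trusted advisory only.
COMPROMISED = {
    "@dydxprotocol/v4-client-js": {"3.4.1", "1.22.1", "1.15.2", "1.0.31"},
}


def iter_lock_entries(lock):
    """Yield (name, version) pairs from lockfileVersion 1, 2 and 3 layouts."""
    # v2/v3: flat "packages" map keyed by path such as node_modules/@scope/name
    for path, meta in lock.get("packages", {}).items():
        if not path:
            continue  # the "" key is the root project itself
        name = meta.get("name") or path.split("node_modules/")[-1]
        if "version" in meta:
            yield name, meta["version"]
    # v1 (also present in v2 for compatibility): nested "dependencies" tree
    stack = [lock.get("dependencies", {})]
    while stack:
        deps = stack.pop()
        for name, meta in deps.items():
            if "version" in meta:
                yield name, meta["version"]
            if "dependencies" in meta:
                stack.append(meta["dependencies"])


def find_compromised(lock_text, denylist=COMPROMISED):
    """Return sorted unique (name, version) hits found in the lockfile JSON text."""
    lock = json.loads(lock_text)
    hits = set()
    for name, version in iter_lock_entries(lock):
        if version in denylist.get(name, ()):
            hits.add((name, version))
    return sorted(hits)


# Constructed lockfile (v2 layout, which carries both "packages" and the legacy
# "dependencies" tree). It deliberately exercises both code paths: one clean
# dependency, one direct hit, and one hit nested under another package.
SAMPLE_LOCK = json.dumps({
    "name": "demo-app",
    "lockfileVersion": 2,
    "packages": {
        "": {"name": "demo-app", "version": "0.0.1"},
        "node_modules/@dydxprotocol/v4-client-js": {"version": "1.22.1"},
        "node_modules/left-pad": {"version": "1.3.0"},
    },
    "dependencies": {
        "some-wrapper": {
            "version": "2.0.0",
            "dependencies": {
                "@dydxprotocol/v4-client-js": {"version": "3.4.1"}
            },
        }
    },
})

if __name__ == "__main__":
    # On a real project: open("package-lock.json").read() in place of SAMPLE_LOCK
    for name, version in find_compromised(SAMPLE_LOCK):
        print(f"COMPROMISED: {name}@{version}")
```

Run it against a real lockfile by reading package-lock.json instead of the constructed sample; a non-empty result means the build pulled a version the article lists, and the nested-tree walk matters because a transitive dependency can pin a bad version even when the direct one is clean.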

Kian Technologies