SlowMist Flags Cross-Registry Supply-Chain Attack Aimed at Crypto Developers

Odaily Planet Daily reports that SlowMist's monitoring unit MistEye has identified a cross-registry supply-chain campaign targeting developers, with attackers distributing malicious packages across npm, PyPI and Crates.io. The operation spans more than 34 malicious packages and over 384 related versions, focusing on cryptocurrency, DeFi, Solana, Sui/Move and AI developer communities. SlowMist said suspected objectives include theft of crypto wallets, SSH keys, cloud credentials, GitHub/AWS tokens, browser data, environment variables and developer keys. Some payloads also attempt to establish persistence using cursorrules, CLAUDE.md, Git hooks, shell hooks, cron, systemd and SSH. SlowMist advised users to remove affected packages immediately, isolate potentially compromised machines, preserve logs, rotate any exposed credentials, rebuild CI runners and developer devices from clean images, and review activity across GitHub, cloud services, SSH and wallet accounts.
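A triage sketch for the persistence locations listed above, added here as an example and not taken from SlowMist or MistEye: it inventories shell startup files, SSH files, systemd user units, cron entries, Git hooks and agent rule files changed since a cutoff. The concrete paths, the 30-day window and the `~/src` repository layout are assumptions (common Linux/macOS defaults), not indicators from the report.

```python
import time
from pathlib import Path

# Per-user locations for the persistence categories named in the report.
# The concrete paths are assumptions (common defaults), not published IoCs.
HOME_TARGETS = {
    "shell hook": [".bashrc", ".bash_profile", ".profile", ".zshrc", ".zshenv"],
    "ssh": [".ssh/authorized_keys", ".ssh/config", ".ssh/rc"],
    "systemd": [".config/systemd/user/*.service", ".config/systemd/user/*.timer"],
}
# Per-repository files that Git executes or that AI coding agents read.
REPO_TARGETS = {
    "agent rules": [".cursorrules", "CLAUDE.md"],
    "git hook": [".git/hooks/*"],
}
# System cron locations, relative to cron_root (assumed Linux layout).
CRON_TARGETS = {"cron": ["etc/crontab", "etc/cron.d/*", "var/spool/cron/*", "var/spool/cron/crontabs/*"]}


def _scan(base, targets, since):
    hits = []
    for category, patterns in targets.items():
        for pattern in patterns:
            for path in sorted(Path(base).glob(pattern)):
                # Git ships inert *.sample hooks; only live hooks matter.
                if not path.is_file() or path.suffix == ".sample":
                    continue
                mtime = path.stat().st_mtime
                if mtime >= since:
                    hits.append((category, str(path), mtime))
    return hits


def audit(home, repos, since, cron_root="/"):
    """Return (category, path, mtime) for files changed at or after `since`."""
    hits = _scan(home, HOME_TARGETS, since)
    for repo in repos:
        hits += _scan(repo, REPO_TARGETS, since)
    return hits + _scan(cron_root, CRON_TARGETS, since)


if __name__ == "__main__":
    # Assumed window: last 30 days; assumed layout: repositories under ~/src.
    cutoff = time.time() - 30 * 86400
    home = Path.home()
    repos = [p.parent for p in (home / "src").glob("*/.git")]
    for category, path, mtime in audit(home, repos, cutoff):
        print(f"{time.strftime('%Y-%m-%d %H:%M', time.localtime(mtime))}  {category:12} {path}")
```

File modification times can be reset by malware, so on a suspect machine pass `since=0` to list every candidate file and review the contents rather than trusting the window.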