A sophisticated supply chain attack targeting Solana developers has compromised over 25,900 downloads through a weaponized Python package that silently steals cryptocurrency private keys during routine development workflows. The malicious campaign, centered around a package called “semantic-types,” represents a new evolution in software supply chain threats by leveraging transitive dependencies and blockchain-based exfiltration methods to […]
The post Weaponized PyPI Package Steals Solana Private Keys Via Supply Chain Attack appeared first on Cyber Security News.
This article has been indexed from Cyber Security News