The Hacker News
thehackernews.com
خبر سيبراني: Compromised dYdX npm and PyPI Packages Deliver Wallet Stealers and RAT Malware
Compromised dYdX npm and PyPI Packages Deliver Wallet Stealers and RAT Malware
المقال بالعربية
ما حدث:
Cybersecurity researchers have discovered a new supply chain attack in which legitimate packages on npm and the Python Package Index (PyPI) repository have been compromised to push malicious versions to facilitate wallet credential theft and remote code execution. The compromised versions of the two packages are listed below - @dydxprotocol/v4-client-js (npm) - 3.4.1, 1.22.1, 1.15.2, 1.0.31&
لم يذكر المصدر تفاصيل إضافية حول الأطراف المتأثرة أو الأثر الفني الكامل.
لماذا يهم:
تمثل مثل هذه الأخبار مؤشرات مهمة لمتابعة التهديدات السيبرانية بشكل مستمر واتخاذ إجراءات احترازية مبكرة داخل المؤسسة.
إجراءات موصى بها:
مراجعة التحديثات الأمنية الرسمية، تطبيق التصحيحات المتاحة، تعزيز المراقبة، وتوعية الفرق بمخاطر التصيد والهندسة الاجتماعية.
المصدر: thehackernews.com - https://thehackernews.com/2026/02/compromised-dydx-npm-and-pypi-packages.html
English Article
What happened:
Cybersecurity researchers have discovered a new supply chain attack in which legitimate packages on npm and the Python Package Index (PyPI) repository have been compromised to push malicious versions to facilitate wallet credential theft and remote code execution. The compromised versions of the two packages are listed below - @dydxprotocol/v4-client-js (npm) - 3.4.1, 1.22.1, 1.15.2, 1.0.31&
The source did not provide additional details about impacted parties or technical scope.
Why it matters:
Items like this are important signals for tracking evolving cyber threats and improving defensive readiness.
Recommended actions:
Review official security updates, apply available patches, strengthen monitoring, and reinforce phishing awareness.
Source: thehackernews.com - https://thehackernews.com/2026/02/compromised-dydx-npm-and-pypi-packages.html
Malware
Identity
Read source