Malicious npm packages stole crypto wallet keys and sent them to Telegram, putting Solana and Ethereum developers at risk

Security researchers have identified five malicious npm packages that target cryptocurrency developers and steal private wallet keys. Socket says the packages were published under the npm account galedonovan and were designed to look like legitimate libraries used in Solana and Ethereum development. The campaign matters because the packages do not visibly break the victim’s code. […] The post Malicious npm packages stole crypto wallet keys and sent them to Telegram, putting Solana and Ethereum developers at risk appeared first on VPN Central.