#typosquatting
#typosquatting

[ follow ]

Fake Nethereum NuGet Package Used Homoglyph Trick to Steal Crypto Wallet Keys

Cybersecurity researchers have uncovered a new supply chain attack targeting the NuGet package manager with malicious typosquats of Nethereum, a popular Ethereum .NET integration platform, to steal victims' cryptocurrency wallet keys. The package, Netherеum.All, has been found to harbor functionality to decode a command-and-control (C2) endpoint and exfiltrate mnemonic phrases, private keys, and keystore data, according to security company Socket.

Information security

fromThe Hacker News

1 month ago

Malicious Rust Crates Steal Solana and Ethereum Keys - 8,424 Downloads Confirmed

Two malicious Rust crates impersonated fast_log to scan source code and exfiltrate Solana and Ethereum private keys to a hardcoded C2 endpoint.

Artificial intelligence

fromTheregister

6 months ago

AI code suggestions sabotage software supply chain

LLM-powered code generation tools are reshaping software development but may introduce significant risks to the software supply chain.

[ Load more ]

#typosquatting#typosquatting

Fake Nethereum NuGet Package Used Homoglyph Trick to Steal Crypto Wallet Keys

Malicious Rust Crates Steal Solana and Ethereum Keys - 8,424 Downloads Confirmed

AI code suggestions sabotage software supply chain

#typosquatting
#typosquatting