SlowMist Flags Cross-Registry Supply-Chain Attack Aimed at Crypto and AI Developers

Onchain security firm PeckShield (@PeckShieldAlert) reported that SlowMist's threat-intelligence platform MistEye has identified a cross-registry software supply-chain attack targeting developers. The campaign has distributed malicious packages through the three major repositories—npm, PyPI and Crates.io—spanning more than 34 malicious packages and over 384 related versions. The infected packages are aimed at developers across cryptocurrency, DeFi, Solana, Sui/Move and AI ecosystems. SlowMist warned the malware could be used to steal crypto wallets, SSH keys, cloud credentials, GitHub/AWS tokens, browser data and other developer secrets. Some payloads also attempt to maintain persistence via .cursorrules, CLAUDE.md, Git hooks, cron, systemd and SSH. SlowMist advised developers to remove affected packages immediately, isolate potentially compromised systems, rotate any exposed credentials, rebuild CI environments and developer machines from clean images, and conduct a comprehensive review of activity tied to GitHub, cloud services, SSH and wallets.
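An inventory pass over the persistence locations listed above, as an added example that is not tooling from SlowMist or PeckShield: it lists what exists in those locations for manual review and does not decide whether an entry is malicious. The advisory names only the mechanisms, so the specific paths checked (`~/.ssh/authorized_keys`, `~/.ssh/config`, `~/.ssh/rc`, `~/.config/systemd/user`) and the function names are assumptions.

```sh
#!/bin/sh
# Added example (not SlowMist's tooling): list the persistence locations the
# advisory names so a person can review them. Paths below are assumed common
# defaults; the script reports what exists and does not judge it.

# tag LABEL: prefix each path read from stdin with LABEL and a tab.
tag() { while IFS= read -r p; do printf '%s\t%s\n' "$1" "$p"; done; }

# scan_repo DIR: AI-assistant instruction files and active Git hooks under DIR.
scan_repo() {
  [ -d "$1" ] || return 0
  find "$1" -type f \( -name .cursorrules -o -name CLAUDE.md \) 2>/dev/null |
    tag ai-rules
  # A fresh clone ships only *.sample hooks, so any other file is an active hook.
  find "$1" -type f -path '*/.git/hooks/*' ! -name '*.sample' 2>/dev/null |
    tag git-hook
}

# scan_home DIR: SSH files and systemd user units under DIR, plus the cron table.
scan_home() {
  for f in "$1/.ssh/authorized_keys" "$1/.ssh/config" "$1/.ssh/rc"; do
    if [ -f "$f" ]; then printf 'ssh\t%s\n' "$f"; fi
  done
  if [ -d "$1/.config/systemd/user" ]; then
    find "$1/.config/systemd/user" \( -name '*.service' -o -name '*.timer' \) \
      2>/dev/null | tag systemd-user
  fi
  # Cron entries of the invoking user (crontab reads its own spool, not DIR).
  if command -v crontab >/dev/null 2>&1; then
    crontab -l 2>/dev/null | grep -Ev '^[[:space:]]*(#|$)' | tag cron
  fi
  return 0
}

# Usage: sh audit.sh /path/to/projects [home-dir]
if [ "$#" -gt 0 ]; then
  scan_repo "$1"
  scan_home "${2:-$HOME}"
fi
```

Hook managers and editors create some of these files legitimately, so compare each listed file against what the project or user is known to have installed before and after the affected packages were added.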