Malicious npm Packages Impersonate Flashbots, Steal Ethereum Wallet Keys



September 06, 2025 at 12:12PM

A new set of four malicious packages have been discovered in the npm package registry with capabilities to steal cryptocurrency wallet credentials from Ethereum developers. "The packages masquerade as legitimate cryptographic utilities and Flashbots MEV infrastructure while secretly exfiltrating private keys and mnemonic seeds to a Telegram bot controlled by the threat actor," Socket researcher

from The Hacker News https://ift.tt/b8Dy3CJ

Genrerating Link.... 15 seconds.

Your Link is Ready.

Share this post