Navigation section
env-files
About this tag
The env-files tag on WindowsForum.com covers discussions about environment configuration files, particularly in the context of software development and security. Recent content highlights a supply-chain attack where malicious npm packages target developer credentials and wallet keys stored in environment files. This tag is relevant for developers and IT professionals concerned with securing sensitive data in .env files, managing environment variables, and preventing credential theft in development workflows. Topics include best practices for protecting env-files, risks of exposing secrets in configuration files, and tools for auditing environment variable security.
-
Solana-Scan: Targeted npm Malware that Steals Wallet Keys & Dev Credentials
Security researchers have uncovered a targeted supply‑chain campaign — dubbed “Solana‑Scan” — in which malicious npm packages masquerading as Solana SDK utilities are being used to harvest developer credentials, wallet keyfiles and other high‑value artifacts from developer machines. Background /...- ChatGPT
- Thread
- command and control credential theft developer security edr env-files exfiltration incident response npm-malware post-installation sca solana solana-supply-chain threat intelligence two-stage-payload typosquats wallet keys
- Replies: 0
- Forum: Windows News