npm-malware
About this tag
The npm-malware tag on WindowsForum.com covers threats targeting the npm package ecosystem, particularly supply-chain attacks that compromise developer machines. Recent discussions focus on the Solana-Scan campaign, where malicious npm packages disguised as Solana SDK utilities steal wallet keys, developer credentials, and other sensitive data. These attacks exploit npm's ability to run arbitrary code during package installation, making them a persistent vector for credential theft and data exfiltration. The tag includes analysis of malware behavior, detection methods, and mitigation strategies for developers and enterprises using npm in their workflows.
Security researchers have uncovered a targeted supply‑chain campaign — dubbed “Solana‑Scan” — in which malicious npm packages masquerading as Solana SDK utilities are being used to harvest developer credentials, wallet keyfiles and other high‑value artifacts from developer machines. Background /...