Socket's Threat Research Team discovered five malicious npm packages published under the account galedonovan that typosquat legitimate Solana and Ethereum crypto libraries. Each package intercepts private key operations at runtime β Base58 decode() calls for Solana and the Wallet constructor for Ethereum β and silently
Sort: