Security researchers have uncovered a targeted supply chain attack aimed at cryptocurrency developers. Fivemalicious npm packages published by the account “galedonovan” were found to be typosquatting legitimate Solana and Ethereum libraries. Once installed, these packages secretly steal private keys and send them directly to a threat actor’s Telegram bot. While one package was quickly unpublished, […] The post Telegram-Driven Attack Targets Crypto Developers with Malicious npm Packages appeared first on Cyber Security News.