Cybersecurity firm Socket uncovered a supply chain attack where threat actors published malicious versions of dYdX client packages to npm and PyPI ecosystems. This incident, detected on January 27, 2026, targeted developers using these tools for cryptocurrency trading on the decentralized exchange dYdX. Attack Overview Threat actors likely compromised a dYdX maintainer account to release […] The post Threat Actors Publish Malicious dYdX Packages to npm and PyPI Repositories appeared first on Cyber Security News.