A recent security breach has been identified involving 30 npm packages that masquerade as trading bot repositories in order to steal developer keys and mnemonic phrases. The attack, identified as a coordinated effort, targeted npm users, DeFi developers, and trading bot users, using fake trading bot repositories and DeFi-themed npm packages to deploy JavaScript-based information stealers. Sensitive data, including cryptocurrency wallet libraries, browser cookies, saved passwords, and API tokens, is at risk. Developers are urged to remove the compromised packages, audit their systems, and rotate all exposed credentials to safeguard against potential threats.

