#1 Trusted Cybersecurity News Platform
Followed by 5.20+ million
The Hacker News Logo
Subscribe – Get Latest News

Solana | Breaking Cybersecurity News | The Hacker News

Category — Solana
Malicious PyPI Package Posing as Solana Tool Stole Source Code in 761 Downloads

Malicious PyPI Package Posing as Solana Tool Stole Source Code in 761 Downloads

May 13, 2025 Supply Chain Attack / Blockchain
Cybersecurity researchers have discovered a malicious package on the Python Package Index (PyPI) repository that purports to be an application related to the Solana blockchain, but contains malicious functionality to steal source code and developer secrets. The package, named solana-token, is no longer available for download from PyPI, but not before it was downloaded 761 times . It was first published to PyPI in early April 2024, albeit with an entirely different version numbering scheme. "When installed, the malicious package attempts to exfiltrate source code and developer secrets from the developer's machine to a hard-coded IP address," ReversingLabs researcher Karlo Zanki said in a report shared with The Hacker News. In particular, the package is designed to copy and exfiltrate the source code contained in all the files in the Python execution stack under the guise of a blockchain function named "register_node()." This unusual behavior suggests that...
Hackers Deploy Malicious npm Packages to Steal Solana Wallet Keys via Gmail SMTP

Hackers Deploy Malicious npm Packages to Steal Solana Wallet Keys via Gmail SMTP

Jan 20, 2025 Supply Chain Attack / Solana
Cybersecurity researchers have identified three sets of malicious packages across the npm and Python Package Index (PyPI) repository that come with capabilities to steal data and even delete sensitive data from infected systems. The list of identified packages is below - @async-mutex/mutex, a typosquat of async-mute (npm) dexscreener, which masquerades as a library for accessing liquidity pool data from decentralized exchanges (DEXs) and interacting with the DEX Screener platform (npm) solana-transaction-toolkit (npm) solana-stable-web-huks (npm) cschokidar-next, a typosquat of chokidar (npm) achokidar-next, a typosquat of chokidar (npm) achalk-next, a typosquat of chalk (npm) csbchalk-next, a typosquat of chalk (npm) cschalk, a typosquat of chalk (npm) pycord-self, a typosquat of discord.py-self (PyPI) Supply chain security company Socket, which discovered the packages, said the first four packages are designed to intercept Solana private keys and transmit them throug...
Researchers Uncover Backdoor in Solana's Popular Web3.js npm Library

Researchers Uncover Backdoor in Solana's Popular Web3.js npm Library

Dec 04, 2024 Supply Chain Attack
Cybersecurity researchers are alerting to a software supply chain attack targeting the popular @solana/web3.js npm library that involved pushing two malicious versions capable of harvesting users' private keys with an aim to drain their cryptocurrency wallets. The attack has been detected in versions 1.95.6 and 1.95.7. Both these versions are no longer available for download from the npm registry. The package is widely used, attracting over 400,000 weekly downloads. "These compromised versions contain injected malicious code that is designed to steal private keys from unsuspecting developers and users, potentially enabling attackers to drain cryptocurrency wallets," Socket said in a report. @solana/web3.js is an npm package that can be used to interact with the Solana JavaScript software development kit (SDK) for building Node.js and web apps. According to Datadog security researcher Christophe Tafani-Dereeper , "the backdoor inserted in v1.95.7 adds an ...
cyber security

New Webinar: Defend Against Scattered Spider's Latest TTPs for 2025

websitePush SecurityThreat Intelligence / Cyber Attack
Learn about Scattered Spider's latest identity attack techniques and how to defend your organization.
cyber security

Get Proactive About Protecting Your Digital Identity 

websiteVeeam SoftwareData Security / Microsoft Entra ID
Security threats are just one reason you need to protect Microsoft Entra ID data. Learn all 6 reasons today.
Expert Insights Articles Videos
Cybersecurity Resources