Rogue PyPI Library Solana Users, Steals Blockchain Wallet Keys
August 11, 2024 at 06:27AM Researchers found a malicious package on PyPI that poses as a Solana blockchain library to steal user secrets. The fraudulent “solana-py” package was downloaded 1,122 times before being removed. It mimicked the legitimate “solana” package and harvested wallet keys. The attack highlights supply chain risks and the abuse of legitimate … Read more