× EU ICT Risk Newsroom DORA News On the Horizon ΑΙ Cybersec Space Cyber Alerts GDPR News EU CERT Advisories ICT Governance ESA/NCAs Contact
Switch to Greek 🔍

dYdX npm, PyPI packages compromised, delivering wallet stealers, RAT malware.

Newsroom - 06 February 2026 - 10:40

Cybersecurity researchers have discovered a new supply chain attack in which legitimate packages on npm and the Python Package Index (PyPI) repository have been compromised to push malicious versions to facilitate wallet credential theft and remote code execution. The compromised versions of the two packages are listed below: @dydxprotocol/v4-client-js (npm) - 3.4.1, 1.22.1, 1.15.2, 1.0.31

dYdX npm, PyPI packages compromised, delivering wallet stealers, RAT malware.
Cybersecurity researchers have discovered a new supply chain attack in which legitimate packages on npm and the Python Package Index (PyPI) repository have been compromised to push malicious versions to facilitate wallet credential theft and remote code execution. The compromised versions of the two packages are listed below: @dydxprotocol/v4-client-js (npm) - 3.4.1, 1.22.1, 1.15.2, 1.0.31
dYdX npm PyPI Malware

Subscribe for EU DORA and Banking ICT Risk news and insights