Someone compromised SAP's NPM packages and used the CI pipeline against itself

10 hours ago
  • #supply-chain-attack
  • #npm-security
  • #crypto-wallet-threat

  • Malicious npm package "redeem-onchain-sdk" impersonates a Polymarket helper SDK to target crypto wallets.
  • The package exfiltrates sensitive data including SSH keys, AWS credentials, npm tokens, Docker configs, Chrome saved logins, and a month of local git history.
  • Stolen data is sent to an AWS-hosted endpoint, highlighting the risks of supply chain attacks in the crypto ecosystem.