@safetycli.bsky.social
Do you use @polymarket.bsky.social or integrate with their platform? If so, watch out as threat actors are targeting their users with a malicious NPM package: polymarket-clob. Read more here: getsafety.com/blog-posts/p...
Malicious NPM package targets Polymarket crypto ecosystem
A malicious npm package disguised as a Polymarket trading library that silently steals cryptocurrency wallet files and private keys to drain victims cryptocurrencies
getsafety.com
January 7, 2026 at 2:48 AM
Do you use @polymarket.bsky.social or integrate with their platform? If so, watch out as threat actors are targeting their users with a malicious NPM package: polymarket-clob. Read more here: getsafety.com/blog-posts/p...
The Safety research team just dropped a killer blog post where we identify eleven malicious NPM packages that are part of the latest Shai-hulud worm campaign. Check it out at getsafety.com/blog-posts/s...
Shai-Hulud 3.0: A Confusing Iteration To The Worm
Shai-hulud part III:
getsafety.com
January 5, 2026 at 2:14 AM
The Safety research team just dropped a killer blog post where we identify eleven malicious NPM packages that are part of the latest Shai-hulud worm campaign. Check it out at getsafety.com/blog-posts/s...
The Safety research team has identified a new NPM based malware we are calling "Integrator-Filescrypt". This campaign uses a unique "cloaking" technique to hide from researchers and cloud providers. It's sneaky & very effective. Read more on our blog: www.getsafety.com/blog-posts/n...
NPM Malware Uses “Cloaking” Technology to Target StandX and Uniswap Users
A NPM malware campaign “Integrator-Filescrypt
www.getsafety.com
November 18, 2025 at 11:56 PM
The Safety research team has identified a new NPM based malware we are calling "Integrator-Filescrypt". This campaign uses a unique "cloaking" technique to hide from researchers and cloud providers. It's sneaky & very effective. Read more on our blog: www.getsafety.com/blog-posts/n...