Application security, Threat Intelligence

Blockchain wallet keys targeted by fraudulent Solana Python API project

August 14, 2024

Bunch of blue neon light glowing locks with an exceptional red one.

(Adobe Stock)

Blockchain platform Solana had its users' blockchain wallet keys targeted for exfiltration by a fraudulent typosquatted Python Package Index repository "solana-py", which was downloaded more than 1,100 times before being removed from PyPI, The Hacker News reports.

Aside from featuring version numbers matching or purporting to be newer than the legitimate "solana" package, such typosquatted project was noted to perform code injections enabling the theft of Solana blockchain wallet keys, which are later sent to an attacker-controlled Hugging Face Spaces domain, according to an analysis from Sonatype.

"...[I]f a developer using the legitimate 'solders' PyPI package in their application is mislead (by solders' documentation) to fall for the typosquatted 'solana-py' project, they'd inadvertently introduce a crypto stealer into their application. This would not only steal their secrets, but those of any user running the developer's application," said Sonatype researcher Ax Sharma. Such findings follow Phylum's discovery of numerous spam npm packages exploiting Tea protocol markers.

SC Staff

API Application Programming Interface Concept. A programmer types on a laptop, interacting with digital icons representing API development, security, and cloud computing. Application Software Tool,

Application security

AI streamlining attacks on the application layer, researchers say

Shaun NicholsJuly 17, 2025

Threat actors are thriving with attacks against developers on the application layer and upstream in the supply chain

Threat Intelligence

Waltz grilled over Signal app use in airstrike chat

SC StaffJuly 16, 2025

During a Senate confirmation hearing, former National Security Adviser Mike Waltz defended his controversial use of the Signal messaging app to coordinate sensitive military discussions, including airstrikes on Houthi targets, asserting it was in line with cybersecurity guidance from the federal government, CyberScoop reports.

Identity

A New Identity: IAM firms double down on agentic risk and cost

Tom Spring July 14, 2025

The same people who sold you zero trust are now unleashing agentic AI with root access and no audit trail. What could go wrong?

Related Events

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

Blockchain wallet keys targeted by fraudulent Solana Python API project

Related

AI streamlining attacks on the application layer, researchers say

Waltz grilled over Signal app use in airstrike chat

A New Identity: IAM firms double down on agentic risk and cost

Related Events

Securing Vibe Coding: Addressing the Security Challenges of AI-Generated Code

OWASP AppSec Cybersecurity Summit

Code or Be Conquered: Preparing Developers for Cyber Threats in the Age of AI

Get daily email updates