Attackers hijack npm maintainer account, steal crypto keys
May 16, 2026
< 1 min read
by Randa Moses
for CryptoPolitan

Share:
AI Overview
Attackers hijacked a dormant npm maintainer account and pushed malicious node-ipc versions that steal crypto keys, AWS tokens, and exchange API secrets. The supply chain attack endangers developers, CEX/DEX integrations and DeFi projects by exposing credentials and increasing systemic security risk across the crypto ecosystem, prompting dependency audits and key rotation.
Bearish
Attackers hijacked a dormant npm maintainer account and pushed malicious node-ipc versions that steal crypto keys, AWS tokens, and exchange API secrets.

