Find notable cyber news and cases, enriched with sources, timelines, and signals.
Home Browse News Feed Stats Watchlists Beta About Contact

DYdX hit by network compromise

Incident
First reported
Last updated
Happening score
H score 13
1 unique sources, 1 articles

Summary

Hide ▲

The dYdX package compromise exposed developers to wallet credential theft and remote code execution risk through malicious releases on npm and PyPI. Poisoned versions of @dydxprotocol/v4-client-js and dydx-v4-client were published after suspected developer account compromise. The malicious code targeted wallet management workflows, seed phrases, device data, and host command execution. dYdX later urged users to isolate affected machines, move funds from a clean system, and rotate credentials.

Related Happenings

Inactive maintainer account 'atiertant' hit by network compromise

Incident
First: 15.05.2026 20:10 Last: 15.05.2026 20:10 Sources 1

About this happening: The **inactive maintainer account 'atiertant'** for **node-ipc** was **compromised**, enabling malicious package releases that could steal credentials from downstream installation...

Open Happening

Bitwarden hit by network compromise

Incident
First: 23.04.2026 22:21 Last: 23.04.2026 22:21 Sources 1

About this happening: **Bitwarden**'s **@bitwarden/cli** distribution channel was compromised when a malicious package briefly appeared on **npm**, putting developers who installed it at risk of **cred...

Open Happening

Npm supply-chain worm that steals publishing tokens and self-propagates

Malware Activity
First: 22.04.2026 15:57 Last: 22.04.2026 15:57 Sources 1

About this happening: A **new npm supply-chain worm** is stealing **developer publishing tokens** and using them to **self-propagate** through republished packages, creating the risk of broader comprom...

Open Happening

Telnyx package hit by network compromise

Incident
First: 27.03.2026 23:13 Last: 27.03.2026 23:13 Sources 1

About this happening: The **Telnyx package** on **PyPI** was **compromised**, and malicious releases began executing at import, putting downstream developers at risk of secret theft. The bad uploads in...

Open Happening

Telnyx Python package hit by data theft breach

Incident
First: 27.03.2026 18:53 Last: 27.03.2026 18:53 Sources 1

About this happening: The **telnyx** Python package was **compromised on PyPI** with **4.87.1** and **4.87.2**, exposing downstream importers to **credential theft** and **data exfiltration**. The mali...

Open Happening

Timeline

  1. 06.02.2026 10:40 1 articles · 3mo ago

    Researchers disclose compromised dYdX packages on npm and PyPI

    Initial Disclosure

    Security researchers disclosed a supply chain attack against dYdX-related packages on npm and the Python Package Index (PyPI), identifying malicious releases of @dydxprotocol/v4-client-js versions 3.4.1, 1.22.1, 1.15.2, and 1.0.31, plus dydx-v4-client 1.1.5post1, that stole wallet seed phrases and device information in the npm variant and added a RAT in the PyPI variant that contacted dydx.priceoracle[.]site/py for commands; the rogue releases were suspected to come from developer account compromise because they were published with legitimate publishing credentials.

    Show sources
    Open in new tab
  2. 28.01.2026 02:00 1 articles · 3mo ago

    dYdX issues mitigation guidance after compromised package releases

    Mitigation Patch Update

    dYdX acknowledged compromised npm and PyPI package releases after responsible disclosure on January 28, 2026, and told users who may have installed the poisoned versions to isolate affected machines, move funds to a new wallet from a clean system, and rotate all API keys and credentials; it also said the versions of dydx-v4-clients hosted in the dydxprotocol Github do not contain the malware.

    Show sources
    Open in new tab