Home / Jul 19, 2026 / Story
0
#7 The Hacker News general July 17, 2026 at 18:54 UTC

Seven Malicious Vite npm Packages Use Blockchain C2 to Deliver a RAT

By [email protected] (The Hacker News)

AI Summary

Checkmarx researchers discovered seven malicious npm packages (campaign dubbed ViteVenom) targeting the Vite frontend ecosystem as an extension of the ChainVeil supply chain attack, which uses a four-tier blockchain-based C2 infrastructure spanning the Tron network to deliver a remote access trojan. The use of blockchain C2 makes takedowns significantly harder and represents a sophisticated escalation in supply chain attack tradecraft.

Relevance score: 77.0/100

# More from July 19