#7
The Hacker News
general
July 17, 2026 at 18:54 UTC
Seven Malicious Vite npm Packages Use Blockchain C2 to Deliver a RAT
By [email protected] (The Hacker News)
AI Summary
Checkmarx researchers discovered seven malicious npm packages (campaign dubbed ViteVenom) targeting the Vite frontend ecosystem as an extension of the ChainVeil supply chain attack, which uses a four-tier blockchain-based C2 infrastructure spanning the Tron network to deliver a remote access trojan. The use of blockchain C2 makes takedowns significantly harder and represents a sophisticated escalation in supply chain attack tradecraft.
Relevance score: 77.0/100
Sponsored
Protect Your Business
Expert cybersecurity solutions to safeguard your organization from evolving threats.
Get Protected →