Researchers from Safety have discovered infostealer malware targeting Russian cryptocurrency developers through npm packages designed to appear legitimate. These malicious packages, which aim to extract sensitive information such as cryptocurrency credentials, are linked to servers in the USA, raising suspicions of state-sponsored activity against Russia's ransomware operators. Developers in the Solana ecosystem are advised to secure their software supply chains to mitigate these threats.

Solana recently addressed a vulnerability that allowed attackers to exploit a bug and steal tokens from users. The platform has implemented a patch to secure its network and prevent further incidents of this nature. Community members are urged to take precautions and monitor their accounts following the attack.