Bleeping Computer

Ethereum private key stealer on PyPI downloaded over 1,000 times

A malicious Python Package Index (PyPI) package named "set-utils" has been stealing Ethereum private keys through intercepted wallet creation functions and exfiltrating them via the Polygon blockchain ...
The Next Web

Ethereum bandit makes off with $6.1M after bypassing weak private keys

There’s a blockchain bandit on the loose – and they’ve already thieved over $6.1 million worth of Ethereum. According to a report published by security consulting firm Independent Security Evaluators ...