Cybersecurity researchers have discovered two new malicious packages on the npm registry that make use of smart contracts for the Ethereum blockchain to carry out malicious actions on compromised systems, signaling the trend of threat actors constantly on the lookout for new ways to distribute malware and fly under the radar.
"The two npm packages abused smart contracts to conceal malicious



Source: TheHackerNews
Source Link: https://thehackernews.com/2025/09/malicious-npm-packages-exploit-ethereum.html