BleepingComputerThursday · July 9, 2026FREE

Fake Paysafe, Skrill SDKs on NPM and PyPi steal credentials

npmpypisupply-chainmalware

Fake Paysafe and Skrill software development kits (SDKs) have been discovered on the NPM and PyPi package registries. These malicious packages are designed to steal credentials from developers who install them. The fake SDKs mimic the legitimate financial services SDKs, tricking developers into believing they are using official packages. Once installed, the malicious code extracts credentials and sends them to an attacker-controlled server. The discovery highlights the ongoing risk of typosquatting and dependency confusion attacks in open-source ecosystems.

// why it matters

Developers installing these fake SDKs risk exposing their credentials to attackers.

Sources

Primary · BleepingComputer
▸ Read original at bleepingcomputer.com

Like this? Get the next digest.