The campaign spans npm, Packagist, Go, and Chrome, using obfuscated JavaScript loaders and VS Code tasks to deliver malware.
Blockaid flagged an exploit draining roughly $6 million from Summer.fi. SUMR was down 5.3% today while major crypto assets traded higher. The affected LVUSDC vault's displayed APY briefly spiked to ...