ShellCodeX Intelligence Brief
CRITICAL
Cybersecurity
Fake Paysafe/Skrill SDK packages on npm and PyPI steal credentials
Source headline: Fake Paysafe, Skrill SDKs on NPM and PyPi steal credentials
Threat level
Critical
Signal strength
85/100
Source confidence
1 source
Published
1 hour ago
Intelligence Summary
Threat actors published fraudulent Paysafe and Skrill SDK packages on npm and PyPI. The malicious packages were designed to capture credentials from developers and users of related payment applications. Victims may unknowingly expose login data and session details when installing and using these dependencies. The campaign targets payment workflows for Paysafe, Skrill, and Neteller ecosystems. Users should avoid untrusted packages, verify package provenance, and rotate any potentially exposed credentials.
Recommended Action
Prioritize immediate review, validate exposure, and patch or mitigate affected systems.
Topics
Original reporting
BleepingComputer
Fake Paysafe, Skrill SDKs on NPM and PyPi steal credentials
Open original source