ShellCodeX
Tools • Events • News • Insights
ShellCodeX Intelligence Brief
CRITICAL Cybersecurity

Fake Paysafe/Skrill SDK packages on npm and PyPI steal credentials

Source headline: Fake Paysafe, Skrill SDKs on NPM and PyPi steal credentials

Threat level Critical
Signal strength 85/100
Source confidence 1 source
Published 1 hour ago

Intelligence Summary

Threat actors published fraudulent Paysafe and Skrill SDK packages on npm and PyPI. The malicious packages were designed to capture credentials from developers and users of related payment applications. Victims may unknowingly expose login data and session details when installing and using these dependencies. The campaign targets payment workflows for Paysafe, Skrill, and Neteller ecosystems. Users should avoid untrusted packages, verify package provenance, and rotate any potentially exposed credentials.

Recommended Action

Prioritize immediate review, validate exposure, and patch or mitigate affected systems.

Topics

#credential-theft #supply-chain #npm #malicious-packages #payment-applications #pypi
Original reporting BleepingComputer Fake Paysafe, Skrill SDKs on NPM and PyPi steal credentials
Open original source