Logo
pypi

eth-toolkit @1.0.0

Vulnerability report · Last retrieved from osv.dev June 23, 2026 at 3:29 AM UTC

Malicious

OSV ID

MAL-2026-3378

Ecosystem

pypi

Summary

The code automatically scans the filesystem looking for BIP-39 seed phrases and data indicating private keys, and exfiltrates them --- Category: MALICIOUS - The campaign has clearly malicious intent, like infostealers. Campaign: 2026-05-solana-wallet-sdk Reasons (based on the campaign): - files-exfiltration - crypto-related - exfiltration-crypto

Source: kam193 (e5895b0a95cf86acc67f21e61b55a0718a073fd06657523b47550532153ed546)

Protect your entire dependency tree

Scan your lock files automatically on every PR. Block malicious packages before they reach production.

SEE HACKTRON REVIEW → SCAN DEPENDENCIES