Malware4 min read
Hijacked npm and Go Packages Use VS Code Tasks and Blockchain C2
18 compromised packages hide execution in VS Code folder-open tasks, fetch encrypted payloads from blockchain transactions, and deploy Python infostealers.
James RiveraJun 30, 2026