T1552.004 5

• Malicious Ruby Gems and Go Modules Impersonate Developer Tools to Steal Secrets and Poison CI Apr 30, 2026
• Malicious Chrome Extension Steals MEXC API Keys for Account Takeover Jan 12, 2026
• Malicious Chrome Extension Exfiltrates Seed Phrases, Enabling Wallet Takeover Nov 12, 2025
• Two Malicious Rust Crates Impersonate Popular Logger to Steal Wallet Keys Sep 24, 2025
• The Bad Seeds: Malicious npm and PyPI Packages Pose as Developer Tools to Steal Wallet Credentials Apr 22, 2025