Malicious Packages Found in npm, Python, and Ruby Repositories

Several malicious packages have been discovered in the npm, Python, and Ruby repositories. These packages aim to drain funds from cryptocurrency wallets, erase entire codebases after installation, and exfiltrate Telegram API tokens. These findings come from multiple reports published by Checkmarx. The attacks demonstrate the diversity of supply chain threats in open-source ecosystems.