HashDit | now with Pro Extension

1.1K posts


@HashDit

Web3 Security Firm - Defending against Hacks & Scams on #BSC & More! 🛡️ Users stay safe with our Chrome Extension & Metamask Snaps! ⚙️ Links below 👇

Joined January 2022
82 Following, 6.4K Followers
Pinned Tweet
HashDit | now with Pro Extension
BREAKING: Introducing our latest "HashDit Pro" Chrome Extension🎉🥳

The latest Extension will offer:
🔹 Powered up Threat Protection (stay SECURED against address poisoning / drainer + any other phishing attacks)
🔹 Smart Contract Simulation (preview balance changes and approval changes)
🔹 Supporting 7 popular wallets + all EVM chains
🔹 Website checker (Clear pop-up warning when visiting malicious websites)

🤔 What should you do if you are using the old Extension?
Remove the old Extension and install our latest Extension for continuous improved protection!

Download here NOW for FREE: chromewebstore.google.com/detail/hjplojc…

Stay safe with HashDit Pro! 🛡️
HashDit | now with Pro Extension
5/5 🛡 How can you protect yourself moving forward?
- Pin exact dependency versions
- Avoid `^` / `~` for critical packages
- Delay new package adoption by 7–14 days
- Use behavior-based supply chain scanners
- Isolate build environments
- Never expose production secrets to npm install hosts
- Enable 2FA on registry accounts

Stay safe!
HashDit | now with Pro Extension
4/5 🛠 Remediation:

Step 1️⃣ — Remove malicious versions
Pin a known-safe version, such as:
- `12.0.0`
- `9.2.1` for the 9.x line

Then reinstall cleanly:
```bash
rm -rf node_modules package-lock.json
npm install
```
Use the equivalent lockfile cleanup for Yarn/pnpm.

Step 2️⃣ — Rotate secrets immediately
Rotate anything that may have been accessible, including:
- cloud credentials
- SSH keys
- API keys
- CI/CD secrets
- Kubernetes credentials
- deploy keys
- wallet-related secrets if present

Step 3️⃣ — Block attacker infrastructure
Block at firewall/proxy level:
- `sh.azurestaticprovider.net`
- `37.16.75.69`

Also quarantine the malicious versions in your private registry/proxy:
- Artifactory
- Verdaccio
- internal mirrors
HashDit | now with Pro Extension
🚨 HashDit Alert! 🚨

1/5 The popular `node-ipc` npm package has been compromised with a credential-stealing payload!

Confirmed malicious versions:
- `9.1.6`
- `9.2.3`
- `12.0.1`

If your environment touched these versions, assume risk ⚠️

Socket @SocketSecurity

🚨 Socket detected malicious activity in newly published versions of node-ipc, an npm package with 822K weekly downloads.

Affected versions:
node-ipc@9.1.6
node-ipc@9.2.3
node-ipc@12.0.1

Socket’s AI scanner flagged the malware within ~3 minutes of publication. Early analysis shows obfuscated stealer/backdoor behavior, including host fingerprinting, local file enumeration, payload wrapping, and attempted exfiltration.

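The confirmed malicious `node-ipc` versions in the alert above, and the threads' advice to pin exact versions instead of `^` / `~` ranges, expressed as a lockfile and manifest check. This is an added example, not code from HashDit or Socket; it assumes npm's lockfile v2/v3 `packages` layout, and the sample manifest, lockfile and the `some-tool` package name are constructed.

```javascript
// Added example (not from the original posts). Sample inputs are constructed.
// Malicious versions exactly as listed in the alert above.
const BAD = new Map([['node-ipc', new Set(['9.1.6', '9.2.3', '12.0.1'])]]);

// npm lockfile v2/v3 keys look like "node_modules/a/node_modules/node-ipc";
// the package name is whatever follows the last "node_modules/".
function nameFromLockPath(path) {
  const marker = 'node_modules/';
  const i = path.lastIndexOf(marker);
  return i === -1 ? null : path.slice(i + marker.length);
}

// Every installed copy (direct or transitive) that resolved to a listed version.
function findCompromised(lock) {
  const hits = [];
  for (const [path, meta] of Object.entries(lock.packages || {})) {
    const name = nameFromLockPath(path);
    const bad = name ? BAD.get(name) : undefined;
    if (bad && bad.has(meta.version)) hits.push({ path, name, version: meta.version });
  }
  return hits;
}

// Any specifier that is not one exact x.y.z version (^, ~, *, tags, URLs).
const EXACT = /^\d+\.\d+\.\d+(-[0-9A-Za-z.-]+)?$/;
function findUnpinned(manifest) {
  const out = [];
  for (const field of ['dependencies', 'devDependencies', 'optionalDependencies']) {
    for (const [name, spec] of Object.entries(manifest[field] || {})) {
      if (!EXACT.test(spec)) out.push({ field, name, spec });
    }
  }
  return out;
}

// Constructed sample data standing in for package.json / package-lock.json.
const sampleManifest = {
  dependencies: { 'node-ipc': '^9.2.1', express: '4.19.2' },
  devDependencies: { 'some-tool': '~1.4.0' },
};
const sampleLock = { lockfileVersion: 3, packages: {
  '': { name: 'demo-app' },
  'node_modules/node-ipc': { version: '9.2.3' },
  'node_modules/express': { version: '4.19.2' },
  'node_modules/some-tool/node_modules/node-ipc': { version: '12.0.0' },
} };

console.log(findCompromised(sampleLock), findUnpinned(sampleManifest));
```

In the sample, `^9.2.1` in the manifest is what allowed the lockfile to resolve to `9.2.3`; the nested `12.0.0` copy is not flagged because it is not on the list.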
HashDit | now with Pro Extension retweeted
NFT_Dreww.eth @nft_dreww
⚠️Official PSA for Discord to address a major widespread issue⚠️

Scammers are violating @discord's ToS to use APIs/Automation to scam users... They have automated flows set up to watch for new members joining... The moment someone joins, they send a friend request impersonating team members or support... This confuses new members and can lead to scams.

Let me explain ⤵️⤵️

This can happen to any servers, the servers shown in the video below are just an example as scammers do this to all popular servers!! Regardless of the server's security!
HashDit | now with Pro Extension retweeted
Socket @SocketSecurity
🚨 UPDATE: Mini Shai-Hulud has crossed from @npmjs into @pypi and is still spreading.

Newly confirmed compromised artifacts:
@opensearch-project/opensearch: 3.5.3, 3.6.2, 3.7.0, 3.8.0 (1.3M weekly downloads)
mistralai: 2.4.6 on PyPI
guardrails-ai: 0.10.1 on PyPI
additional @squawk/* packages on npm

guardrails-ai 0.10.1 executes malicious code on import. On Linux, it downloads git-tanstack[.]com/transformers.pyz, writes it to /tmp/transformers.pyz, and runs it with python3 without integrity verification.

The git-tanstack[.]com domain displayed a message signed “With Love TeamPCP,” along with: “We've been online over 2 hours now stealing creds Regardless I just came to say hello :^)”

The page also linked to a YouTube video and you can probably guess which one.
HashDit | now with Pro Extension retweeted
Socket @SocketSecurity
🚨 Bitwarden CLI 2026.4.0 was compromised as part of the ongoing Checkmarx supply chain campaign after attackers abused a GitHub Action in Bitwarden’s CI/CD pipeline. We’ll continue updating our coverage as more details are confirmed. socket.dev/blog/bitwarden…
HashDit | now with Pro Extension
⚠️ Web3 social managers on X: stay alert. Scam phishing emails targeting crypto are circulating again. If you enter your project's credentials into the fake login page, your X account WILL GET HACKED! Stay vigilant!! Refer to this for more information: malwarebytes.com/blog/news/2025…
HashDit | now with Pro Extension @HashDit

🚨 WARNING: Recently, there has been a rise of Web3 Crypto X Accounts being compromised. Through our investigation, we noticed there has been a 6 month campaign of scam X phishing emails usually preying on the urgency to 'verify' their account.

So what should you do if you are a social media manager: 🧵👇
1. Be wary of what email you are interacting with. Hover your mouse over 'sender' to check the sender’s domain (should end in @x.com or @help.x.com). On mobile, you can tap and hold to view the 'sender'.
2. Be extra vigilant of any unknown DMs across all social media asking for any collaborations or partnerships.
3. Be careful what Third-Party App or X account you will be connecting or delegating to. Regularly check permissions and revoke if unused.

Stay safe!! #CryptoScams #Web3 #Cybersecurity

HashDit | now with Pro Extension retweeted
Vercel @vercel
In collaboration with @github, @Microsoft, @npmjs, and @SocketSecurity, our security team has confirmed that no npm packages published by Vercel have been compromised. There is no evidence of tampering, and we believe the supply chain remains safe. vercel.com/kb/bulletin/ve…
HashDit | now with Pro Extension
3/ Long term solutions:
1. Pin exact dependency versions (avoid using ^ ranges)
2. Use and review lockfile changes in PRs
3. Use --ignore-scripts in CI when possible
4. Run installs in isolated environments without production secrets

Stay safe!!
HashDit | now with Pro Extension
2/ Root cause: a Vercel employee’s account was reportedly compromised via Context.ai, which gave the attacker access to that employee’s Google Workspace account, then access to some Vercel environments and env vars not marked “sensitive.”
HashDit | now with Pro Extension
🚨 Vercel and Next.js devs do this now! 🚨

ShinyHunters (the threat actor behind the Rockstar/Ticketmaster breach) hacked @vercel via a compromised third-party AI tool's Google Workspace OAuth app!!

⚠️⚠️⚠️ Do this now before reading further!
1. Rotate all important Vercel env vars immediately
   - especially npm, GitHub, API, and deployment tokens
2. Review and remove unnecessary connected apps
   - remove context.ai from Google Workspace accessed apps
   - revoke Vercel/GitHub integrations

Why this matters if you are in #Web3/#Crypto: Vercel hosts hundreds of DeFi frontends, and stolen CI/CD credentials could enable wallet-drainer injection at scale! ⚠️

1/ Affected Impact
2/ Root Cause
3/ Long term solution

Vercel @vercel

We’ve identified a security incident that involved unauthorized access to certain internal Vercel systems, impacting a limited subset of customers. Please see our security bulletin: vercel.com/kb/bulletin/ve…

HashDit | now with Pro Extension retweeted
Kelp @KelpDAO
Earlier today we identified suspicious cross-chain activity involving rsETH. We have paused rsETH contracts across mainnet and several L2s while we investigate. We are working with @LayerZero_Core, @unichain, our auditors and top security experts on RCA. We will keep you posted as we learn more about this situation. Please follow only the official @KelpDAO handle for the updates.
HashDit | now with Pro Extension retweeted
ETH.LIMO 🦇🔊 @eth_limo
Our domain appears to have been compromised and the eth.limo domain has been hijacked. We're actively working with all parties involved to assess the situation and remediate the problem.
HashDit | now with Pro Extension
2/ How to Detect on Explorer Sites with HashDit Extension?

With update v1.4.5, HashDit’s Address Poisoning API is now integrated into explorer sites. This helps users spot suspicious lookalike addresses before copying them!

🛡️ What you’ll see:
1⃣ Poisoned addresses highlighted in red
2⃣ Suspicious rows shown, dimmed, or hidden
3⃣ View details on what specific addresses were marked as spoofing, malicious, or phishing.

Explorer Sites supported currently include @BscScan, @EtherScan, @BaseScanHQ and @PolygonScan!
HashDit | now with Pro Extension
⚠️ Did you know that Address Poisoning represents ~5% of all transactions on an average day? ⚠️

Many crypto newbies still consistently lose funds to this scam technique, unfortunately...

HashDit already has an Address Poisoning detection feature on our Chrome Extension transaction flow and on platforms already partnered with us, like @TrustWallet and @Unstoppablebyhs ~

🚀 To further protect the community, we added this feature for explorer sites as well! Read on to know how it works ⏬⏬

1/ What is Address Poisoning / Spoofing / Dusting?
2/ How to Detect on Explorer Sites with HashDit Extension?