A malicious campaign has been planting info-stealing packages on open-source platforms, and those packages have been downloaded around 75,000 times so far. The campaign, monitored by Checkmarx’s Supply Chain Security team, has evolved to include sophisticated obfuscation layers and detection evasion techniques. The malware targets sensitive data, including credentials, browsing history, and cryptocurrency wallet information. It also manipulates app data and can disable antivirus products. The campaign has reportedly stolen approximately $100,000 in cryptocurrency. The researchers warn that open-source communities are vulnerable to such attacks.