New Blog: Mini Shai-Hulud "Miasma" Hits @redhat-cloud-services: 32 Packages at Risk
Edit Calendar Icon 1 Jun 2026
SafeDep Logo
malware npm

polymarket-validator

discovered 2026-05-28

Contagious Trader package published by toskypi (Feb 2026). Exfiltrates to sha256-validate-rpc.vercel[.]app. Attributed to DPRK Famous Chollima via toskypi identity ([email protected]).

Threat types

credential_stealer data_exfiltration

Malicious versions

  • 1.0.0

Campaigns

Indicators

Read the full analysis →