⚠️ NX Compromised to Steal Wallets and Credentials
「 That malware steals wallets and API keys (.npmrc, env variables, etc.) and pushes them in that repository in the results.b64 file. Interestingly, the malware checks for the presence of Claude Code CLI or Gemini CLI on the system to offload much of the fingerprintable code to a prompt 」
https://semgrep.dev/blog/2025/security-alert-nx-compromised-to-steal-wallets-and-credentials/