Threat Group – Unknown criminal actors via phishing campaign Threat Type – Supply-Chain Attack / Malware Injection Exploited Vulnerabilities – Phishing via typosquatted domain, credential theft, token misuse Malware Used – Crypto-wallet address swap, WebSocket-based backdoor, Scavenger infostealer Threat Score – 7.5 🔴 High – Advanced targeted attack on trusted dev ecosystem; widespread impact and high stealth