Bleeping Computer

Ethereum private key stealer on PyPI downloaded over 1,000 times

A malicious Python Package Index (PyPI) package named "set-utils" has been stealing Ethereum private keys through intercepted wallet creation functions and exfiltrating them via the Polygon blockchain ...
Wired

A 'Blockchain Bandit' Is Guessing Private Keys and Scoring Millions

Last summer, Adrian Bednarek was mulling over ways to steal the cryptocurrency Ethereum. He's a security consultant; at the time, he was working for a client in the theft-plagued cryptocurrency ...