Six packages, one cluster, one message: the EVM/DeFi npm wave of 6 May 2026
Four days after the node-env-resolve RAT, the second wave followed: on 6 May 2026 six malicious npm packages appeared, aimed at the Ethereum, Hardhat and Foundry ecosystem. Same code, different mask, different ecosystem, and a simple lesson for every build pipeline.
What has changed? Six npm packages with an identical payload, disguised under EVM/Hardhat/Foundry tooling names, that activates only on require() on a real Ethereum workstation.

Who is affected? Web3-leaning German Mittelstand companies, frontend agencies with weak npm lockfile hygiene, and AI agent operators with dynamic tool loaders.

What should you read today? Mirror allowlist, token inventory, MCP tool audit, in that order.
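The mirror allowlist and lockfile hygiene points above, as an added example that is not part of the original post: a small audit of an npm package-lock.json (lockfileVersion 2/3) that flags any dependency not resolved from the approved internal mirror or pinned without an integrity hash. The mirror hostname, package names and hash in the sample lockfile are constructed placeholders.

```javascript
// Added example, not from the original post: audit an npm lockfile (lockfileVersion 2/3)
// against a registry mirror allowlist. Every "resolved" URL must point at an approved
// mirror host and carry an "integrity" hash, so a package pulled straight from the
// public registry, or pinned without a hash, is flagged before any developer require()s it.
const ALLOWED_MIRRORS = new Set(['npm.mirror.example.internal']); // assumed internal mirror

function lockfileEntries(lock) {
  // "packages" is keyed by install path; "" is the root project itself.
  return Object.entries(lock.packages || {})
    .filter(([path]) => path !== '')
    .map(([path, meta]) => ({ name: path.replace(/^.*node_modules\//, ''), ...meta }));
}

function auditLockfile(lock, allowedMirrors = ALLOWED_MIRRORS) {
  const findings = [];
  for (const entry of lockfileEntries(lock)) {
    if (entry.link) continue; // workspace symlink: nothing is fetched
    if (!entry.resolved) {
      findings.push({ name: entry.name, reason: 'no resolved URL' });
      continue;
    }
    let host = null;
    try { host = new URL(entry.resolved).hostname; } catch { /* malformed URL */ }
    if (!host || !allowedMirrors.has(host)) {
      findings.push({ name: entry.name, reason: `resolved from ${host || 'invalid URL'}` });
    }
    if (!entry.integrity) {
      findings.push({ name: entry.name, reason: 'missing integrity hash' });
    }
  }
  return findings;
}

// Constructed sample lockfile: one package from the mirror, one that bypassed it and
// came from registry.npmjs.org without an integrity field (placeholder name and hash).
const SAMPLE_LOCK = {
  lockfileVersion: 3,
  packages: {
    '': { name: 'dapp', version: '1.0.0' },
    'node_modules/ethers': {
      version: '6.0.0',
      resolved: 'https://npm.mirror.example.internal/ethers/-/ethers-6.0.0.tgz',
      integrity: 'sha512-PLACEHOLDER',
    },
    'node_modules/evm-tooling-placeholder': {
      version: '0.0.1',
      resolved: 'https://registry.npmjs.org/evm-tooling-placeholder/-/evm-tooling-placeholder-0.0.1.tgz',
    },
  },
};
```

Run it against a real lockfile with `auditLockfile(JSON.parse(fs.readFileSync('package-lock.json', 'utf8')))` in CI and fail the build on any finding.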