A GitHub project called polymarket-copy-trading-bot has been compromised by malicious code, as reported by Odaily. The program automatically accesses the user's .env file when launched and extracts wallet private keys. These keys are then sent to a hacker's server via a hidden malicious dependency package, excluder-mcp-package@1.0.4, leading to the theft of assets.

#USNonFarmPayrollReport #BinanceBlockchainWeek #Write2Earn