New cybersecurity threats targeting users of popular wallets, Atomic and Exodus, have been identified by PANews. Attackers are utilizing online code repositories to distribute malicious software packages, aiming to steal cryptocurrency private keys. ReversingLabs security researchers have revealed that these exploits involve concealing malicious code within seemingly legitimate npm software packages, widely used in the development community. These malicious packages operate by installing patches that lock local Atomic and Exodus wallet files, overwriting original files to manipulate the user interface. This deception tricks users into transferring cryptocurrency to fraudulent addresses. As the cryptocurrency industry continues to face increasing security challenges, software supply chain attacks are emerging as a dangerous new threat vector for crypto holders.