According to Odaily Planet Daily, researchers at ReversingLabs revealed that the NPM packages "colortoolsv 2" and "mimelib 2," released in July, exploited Ethereum smart contracts to hide malicious URLs and avoid security scans. These packages operated as downloaders, obtaining command and control server addresses from smart contracts and then downloading second-stage malware, making blockchain traffic appear legitimate and making it more difficult to detect. The research noted that this is the first time Ethereum smart contracts have been found to host malicious command URLs, demonstrating the rapid evolution of attackers' strategies for evading detection in open source repositories. (Cointelegraph)