Trust Wallet Chrome Extension Hack Drains $8.5M via Shai-Hulud Supply Chain Attack

Security Aid December 31, 2025 1 minute read

Trust Wallet on Tuesday revealed that the second iteration of the Shai-Hulud (aka Sha1-Hulud) supply chain outbreak in November 2025 was likely responsible for the hack of its Google Chrome extension, ultimately resulting in the theft of approximately $8.5 million in assets.
“Our Developer GitHub secrets were exposed in the attack, which gave the attacker access to our browser extension sourceTrust Wallet on Tuesday revealed that the second iteration of the Shai-Hulud (aka Sha1-Hulud) supply chain outbreak in November 2025 was likely responsible for the hack of its Google Chrome extension, ultimately resulting in the theft of approximately $8.5 million in assets.
“Our Developer GitHub secrets were exposed in the attack, which gave the attacker access to our browser extension source The Hacker NewsRead More

About The Author

Security Aid

See author's posts

Security Aid

Related Stories

Hackers drain $3.9M from Unleash Protocol after multisig hijack

RondoDox botnet exploits React2Shell flaw to breach Next.js servers

IBM Warns of Critical API Connect Bug Allowing Remote Authentication Bypass