SecurityMalicious Injective SDK Package Found in npm Stealing Crypto Wallets
Cybercriminals compromised the official GitHub repository of Injective Labs and exploited it to publish a malicious package in the Node Package Manager (npm) registry. This package was specifically designed to steal private keys and mnemonic seed phrases from users' cryptocurrency wallets. The incident highlights the vulnerabilities in software supply chains and underscores the critical need for enhanced dependency monitoring in developer projects.
Read more













