A malicious version of the @injectivelabs/sdk-ts npm package (version 1.20.21) was briefly published to the official Injective Labs npm namespace after a contributor account was compromised. The package contained credential-stealing functionality that silently exfiltrated cryp...
A malicious version of the @injectivelabs/sdk-ts npm package (version 1.20.21) was briefly published to the official Injective Labs npm namespace after a contributor account was compromised. The package contained credential-stealing functionality that silently exfiltrated cryp...
Source: Wiz
Source Link: https://threats.wiz.io/all-incidents/compromised-injective-sdk-npm-package-exfiltrates-cryptocurrency-wallet-keys