National Cyber Warfare Foundation (NCWF)

Compromised Injective SDK npm Package Exfiltrates Cryptocurrency Wallet Keys (Campaign)


0 user ratings
2026-07-15 15:11:24
milo
Attacks
A malicious version of the @injectivelabs/sdk-ts npm package (version 1.20.21) was briefly published to the official Injective Labs npm namespace after a contributor account was compromised. The package contained credential-stealing functionality that silently exfiltrated cryp...

A malicious version of the @injectivelabs/sdk-ts npm package (version 1.20.21) was briefly published to the official Injective Labs npm namespace after a contributor account was compromised. The package contained credential-stealing functionality that silently exfiltrated cryp...

Source: Wiz
Source Link: https://threats.wiz.io/all-incidents/compromised-injective-sdk-npm-package-exfiltrates-cryptocurrency-wallet-keys


Comments
new comment
Nobody has commented yet. Will you be the first?
 
Forum
Attacks



Copyright 2012 through 2026 - National Cyber Warfare Foundation - All rights reserved worldwide.