National Cyber Warfare Foundation (NCWF)

Injective Labs GitHub Compromise Pushes Wallet-Key-Stealing npm Packages


0 user ratings
2026-07-10 17:36:36
milo
Attacks
Unknown threat actors compromised the Injective Labs SDK project's GitHub repository and leveraged it to publish a malicious package on the npm registry to steal cryptocurrency wallet private keys and mnemonic seed phrases.

The compromised version, @injectivelabs/[email protected], came embedded with fake telemetry functionality that exfiltrated data from cryptocurrency wallets. The version was



Source: TheHackerNews
Source Link: https://thehackernews.com/2026/07/injective-labs-github-compromise-pushes.html


Comments
new comment
Nobody has commented yet. Will you be the first?
 
Forum
Attacks



Copyright 2012 through 2026 - National Cyber Warfare Foundation - All rights reserved worldwide.