G Graphene OS News Mobile security, privacy, Android hardening, and open-source ecosystem news.
Log in Register Editor
EN RU DE PL ES
Back to latest

Security / The Hacker News

Injective Labs GitHub Compromise Pushes Wallet-Key-Stealing npm Packages

1 min read

Unknown threat actors compromised the Injective Labs SDK project's GitHub repository and leveraged it to publish a malicious package on the npm registry to steal cryptocurrency wallet private keys and mnemonic seed phrases. The compromised version, @injectivelabs/sdk-ts@1.20.21, came embedded with fake telemetry functi...

Injective Labs GitHub Compromise Pushes Wallet-Key-Stealing npm Packages

Unknown threat actors compromised the Injective Labs SDK project's GitHub repository and leveraged it to publish a malicious package on the npm registry to steal cryptocurrency wallet private keys and mnemonic seed phrases. The compromised version, @injectivelabs/sdk-ts@1.20.21, came embedded with fake telemetry functi...

This portal shows a short summary and attribution. Follow the original source for the complete article.

Open original source