There's an ongoing major supply chain attack: a developer's trusted NPM account has been compromised. The impacted packages have surpassed one billion downloads, potentially endangering the entire JavaScript ecosystem. The malicious code operates by covertly altering crypto addresses to misappropriate funds. Using a hardware wallet is secure if every transaction is verified beforehand. Those without hardware wallets should pause any on-chain transactions for now. It's uncertain if the attacker is extracting seeds from software wallets directly at this time.