Skip to main content
institutional access

You are connecting from
Lake Geneva Public Library,
please login or register to take advantage of your institution's Ground News Plan.

Published loading...Updated

Injective SDK on npm infected with cryptocurrency wallet stealer

Summary by BleepingComputer
Hackers compromised the Injective Labs SDK project's GitHub repository and used it to publish a malicious package on the Node Package Manager (npm) that stole cryptocurrency wallet private keys and mnemonic seed phrases. [...]

10 Articles

The malware in the npm again exposed the risks of attacks on the software supply chain. This time, the target was the official @injectivelabs/sdk-ts package, used by developers to integrate applications into the blockchain Injective. The incident caught the attention of the security community because the malicious code was distributed through a legitimate and widely used package in the Web3 ecosystem, transforming a reliable library into a tool …

Think freely.Subscribe and get full access to Ground NewsSubscriptions start at $9.99/yearSubscribe

Bias Distribution

  • 100% of the sources are Center
100% Center

Factuality Info Icon

To view factuality data please Upgrade to Premium

Ownership

Info Icon

To view ownership data please Upgrade to Vantage

BleepingComputer broke the news in New York, United States on Thursday, July 9, 2026.
Too Big Arrow Icon
Sources are mostly out of (0)

Similar News Topics

News
Feed Dots Icon
For You
Search Icon
Search
Blindspot LogoBlindspotLocal