Cosine: Beware of @solana/web3.js supply chain poisoning, the poisoned version has been taken down
ChainCatcher message, Slow Mist Yu X stated: "Attention @solana/web3.js supply chain poisoning, known versions 1.95.6 and 1.95.7 contain backdoor code that can steal user private keys. The new version no longer has this risk. Well-known wallets have not found this risk, but real attacks have occurred.
It is speculated that perhaps third-party private key-related tools (including bots) that update dependency packages in a timely manner were affected, as the poisoned versions only lasted a few hours before being discovered and removed. If you are using this package, please be cautious and check."
Related tags
ChainCatcher reminds readers to view blockchain rationally, enhance risk awareness, and be cautious of various virtual token issuances and speculations. All content on this site is solely market information or related party opinions, and does not constitute any form of investment advice. If you find sensitive information in the content, please click "Report", and we will handle it promptly.
Related tags
