Injective SDK Supply-Chain Attack Leaked Wallet Keys Through Fake Telemetry
A compromised Injective JavaScript SDK quietly leaked wallet private keys and seed phrases through fake telemetry, exposing a classic supply-chain attack that targeted developer trust, not the blockchain itself. 17 packages were affected before the bad release was pulled.
Read Full Article