Injective SDK on npm infected with cryptocurrency wallet stealer
Hackers compromised the Injective Labs SDK project's GitHub repository and used it to publish a malicious package on the Node Package Manager (npm) that stole cryptocurrency wallet private keys and…
Read the full articleYou might also wanna read
Yet another malicious package found in npm, targeting cryptocurrency wallets
Cryptocurrency wallet developer Komodo has been in the news recently as the most recent victim of an attempted cryptocurrency attack by mali
Compromised @injectivelabs/sdk-ts exfiltrates wallet... - daily.dev
5 hours ago ... A malicious version of the npm package @injectivelabs/sdk-ts (v1.20.21) was published on June 8, 2026, containing code that
Injective npm supply chain attack leaks crypto wallet keys
ON July 8, 2026, a supply chain attack targeted the Injective blockchain's npm packages, compromising a trusted developer's account to injec
Compromised @injectivelabs/sdk-ts exfiltrates wallet keys through fake ...
A malicious release of @injectivelabs/sdk-ts hid a wallet-key stealer inside code labeled as usage telemetry, then spread it across 17 more

Injective npm Supply Chain Attack: 18 Packages Backdoored to Steal Crypto Wallet Keys
On July 8, 2026, attackers used access to a trusted developer's account to slip a backdoor into a widely used software development kit for t
Nx Build Kit Security Breach: Malware Steals Wallets and Credentials via GitHub Repositories
What is s1ngularity-repository? Nx is compromised and the malware steals wallets and API keys using Claude CLI or Gemini.

Comments
Sign in to join the conversation.
No comments yet. Be the first.