Injective software package hit by malicious supply chain attack – Details
How did a reliable SDK come to reveal the wallet credentials of developers?
Read the full articleYou might also wanna read

Injective Labs and Injective Protocol: Injective Labs’ npm SDK Poisoned to Steal Crypto Wallet Credentials
Injective Labs npm SDK Compromised in Supply Chain Attack Targeting Crypto Wallets Attackers breached Injective Labs’ official source code r
Injective npm supply chain attack leaks crypto wallet keys
ON July 8, 2026, a supply chain attack targeted the Injective blockchain's npm packages, compromising a trusted developer's account to injec
Compromised Injective SDK npm Package Exfiltrates Wallet Keys and Mnemonics
A compromised version (1.20.21) of the Injective Labs TypeScript SDK npm package was published containing malicious code that exfiltrates cr
Injective SDK compromised on npm, crypto wallet stealer deployed
Attackers injected malicious code into the Injective Labs SDK on npm to steal cryptocurrency wallet private keys and seed phrases.
Injective SDK on npm infected with cryptocurrency wallet stealer
Hackers compromised the Injective Labs SDK project's GitHub repository and used it to publish a malicious package on the Node Package Manage

Injective npm Supply Chain Attack: 18 Packages Backdoored to Steal Crypto Wallet Keys
On July 8, 2026, attackers used access to a trusted developer's account to slip a backdoor into a widely used software development kit for t

Comments
Sign in to join the conversation.
No comments yet. Be the first.