BTC $62,638.14 +0.21%
ETH $1,762.02 +0.15%
BNB $578.39 +1.12%
XRP $1.12 -1.25%
SOL $80.51 -1.48%
TRX $0.3264 +0.45%
DOGE $0.0759 -1.21%
ADA $0.1857 +5.02%
BCH $237.10 +5.00%
LINK $7.89 -0.40%
HYPE $68.81 -3.06%
AAVE $88.20 +0.64%
SUI $0.7420 -2.14%
XLM $0.1986 -2.88%
ZEC $457.47 -1.22%
BTC $62,638.14 +0.21%
ETH $1,762.02 +0.15%
BNB $578.39 +1.12%
XRP $1.12 -1.25%
SOL $80.51 -1.48%
TRX $0.3264 +0.45%
DOGE $0.0759 -1.21%
ADA $0.1857 +5.02%
BCH $237.10 +5.00%
LINK $7.89 -0.40%
HYPE $68.81 -3.06%
AAVE $88.20 +0.64%
SUI $0.7420 -2.14%
XLM $0.1986 -2.88%
ZEC $457.47 -1.22%

Cosine: Beware of @solana/web3.js supply chain poisoning, the poisoned version has been taken down

2024-12-04 09:08:12
Collection

ChainCatcher message, Slow Mist Yu X stated: "Attention @solana/web3.js supply chain poisoning, known versions 1.95.6 and 1.95.7 contain backdoor code that can steal user private keys. The new version no longer has this risk. Well-known wallets have not found this risk, but real attacks have occurred.

It is speculated that perhaps third-party private key-related tools (including bots) that update dependency packages in a timely manner were affected, as the poisoned versions only lasted a few hours before being discovered and removed. If you are using this package, please be cautious and check."

app_icon
ChainCatcher Building the Web3 world with innovations.