Hosted on MSN

Solana blockchain's popular web3.js npm package backdoored to steal keys, funds

Malware-poisoned versions of the widely used JavaScript library @solana/web3.js were distributed via the npm package registry, according to an advisory issued Wednesday by project maintainer Steven ...
heise online

Supply chain attack: Solana web3.js library was infected with malicious code

Anyone who has recently downloaded the JavaScript SDK web3.js from Solana from the package manager npm may have picked up malicious code. The origin is probably a phishing attack on maintainers of the ...
CoinTelegraph

Developer posts secret key on GitHub, loses $40K in 2 minutes

A Web3 developer shared the unfortunate story of losing funds after accidentally making his wallet keys publicly available on the developer platform GitHub. On June 5, Brian Guan, co-founder of the ...
CoinDesk

Munchables Exploited for $62M, North Korea-Linked Exploiter Returns Private Keys to Web 3 Firm

Web3 project Munchables was drained of an estimated $62.5 million worth of ether (ETH) early Wednesday after a contract was maliciously manipulated, blockchain data shows. Munchables said on X that ...