News
Malware-poisoned versions of the widely used JavaScript library @solana/web3.js were distributed via the npm package registry, according to an advisory issued Wednesday by project maintainer ...
The Solana Web3.js key stealer According to DataDog researcher Christophe Tafani-Dereeper , the threat actors added a malicious addToQueue function that stole secret and private keys and sent them ...
The backdoor came in the form of code that collected private keys and wallet addresses when apps that directly handled private keys incorporated solana-web3.js versions 1.95.6 and 1.95.7.
The web3.js library is downloaded almost 350,000 times a week. It is not yet known how often this was the case with the malicious code-infected versions. Don't miss any news ...
Some results have been hidden because they may be inaccessible to you
Show inaccessible results
Feedback