FlagThis

A supply chain attack compromised versions 1.95.6 and 1.95.7 of the @solana/web3.js npm library, a critical JavaScript tool used for Solana blockchain applications. Malicious code inserted into the library could steal private keys, potentially leading to cryptocurrency theft. The compromise affected numerous applications and individual wallets, highlighting the risks of software supply chain attacks in the cryptocurrency space. Developers are urged to upgrade or downgrade the library to avoid compromise.