The post Compromised Injective SDK sends wallet keys through fake telemetry appeared on BitcoinEthereumNews.com.
A malicious update to an Injective developer package has exposed private keys and seed phrases after being downloaded more than 300 times, Socket has found. Summary Socket found that a compromised Injective npm package copied private keys and seed phrases through fake telemetry. The malicious version was downloaded more than 300 times and spread through 17 related Injective Labs packages. CertiK reported that wallet compromises caused $444 million in losses during the first half of 2026. According to security firm Socket, version 1.20.21 of the @injectivelabs/sdk-ts npm package, which has about 50,000 weekly downloads, was altered after a developer’s GitHub account was compromised. Suspicious commits began on June 8, and the malicious release was later pinned across 17 other packages under the Injective Labs npm scope. The security firm said the code intercepted wallet key-g
A malicious update to an Injective developer package has exposed private keys and seed phrases after being downloaded more than 300 times, Socket has found. According to security firm Socket, version 1.20.21 of the @injectivelabs/sdk-ts npm package, which has about…
The incident highlights the critical need for enhanced security measures in software supply chains to protect sensitive crypto assets.
The post Hackers attempt to backdoor Injective npm package to steal wallet keys appeared first on Crypto Briefing.
The post Injective NPM Package Hacked to Steal Crypto Wallet Keys appeared on BitcoinEthereumNews.com.
Hackers compromised a widely used Injective software package in a supply chain attack with malware designed to steal crypto wallet private keys, adding to a growing attack vector involving attackers using legitimate platforms to deliver malicious payloads. Security firm Socket discovered on Thursday that a popular npm (node package manager) package with around 50,000 weekly downloads used for building on the Injective blockchain was maliciously modified to steal wallet private keys and seed phrases. The large number of downloads makes the incident “significant for developers and applications that handle Injective wallet workflows,” Socket researchers said. The malicious code has since been removed. The software supply chain attack is a relatively new attack vector in which hackers don’t target a blockchain’s cryptography or smart contracts directly, but instead compromise trusted deve
It has been a year or so since Microsoft announced its plans to move TypeScript to a new, native runtime based on the Go language. Those first releases were unfinished (you had to compile them yourself) but showed promise, getting close to the expected 10x speed-up. That year has been one of steady progress, with Microsoft recently announcing the delivery of a release candidate build.
This release candidate is ready for use. It installs from npm like previous versions, and like earlier builds it works in much the same way as previous versions of TypeScript, checking types in your code, compiling it to run on ECMAScript-compliant JavaScript engines, and running just about anywhere. In addition, a native preview of the TypeScript language server for Visual Studio Code is available to help you write new TypeScript code and guide you through updating existing applications to the new language features.
All you need to do is enable the TypeScript 7 extension through the Visual Studio command
The post Injective (INJ)Unveils Redesigned Website Ahead of Major Summit appeared on BitcoinEthereumNews.com.
Jessie A Ellis
Jul 08, 2026 15:18
Injective (INJ)launches a new website showcasing its role in the on-chain economy, aligning with its July 16 Summit and ongoing blockchain innovations.
Injective (INJ), the Layer-1 blockchain optimized for decentralized finance (DeFi), has launched a revamped website to reflect its expanding vision and ecosystem. The redesign arrives just days before the Injective Summit on July 16, which promises further announcements and product launches. The new injective.com focuses on positioning Injective as the blockchain for the “new internet economy,” where assets, markets, and participants—including users, institutions, and AI agents—interact seamlessly on-chain. The website emphasizes Injective’s capabilities, including tokenization of real-world assets (RWAs), programmable derivatives, and institutional-grade infrastructure. Key up
Injective's MEV resistance could redefine blockchain fairness, potentially increasing user trust and adoption by mitigating exploitative practices.
The post Injective becomes first MEV-resistant L1 live on mainnet appeared first on Crypto Briefing.
The record participation in Injective's buyback program highlights growing community engagement, potentially boosting token value and ecosystem stability.
The post Injective burns 43,500 INJ in record Community BuyBack participation appeared first on Crypto Briefing.