Injective Thwarts npm Supply Chain Attack, Says No Funds Were at Risk
The post Injective Thwarts npm Supply Chain Attack, Says No Funds Were at Risk appeared on BitcoinEthereumNews.com. Injective says the npm supply chain issue was resolved before downloads, with zero user funds at risk or compromised. Injective said it resolved a potential compromise involving its npm packages after several public security reports. The project said no user funds were at risk during the incident. The team said internal monitoring detected the issue before any affected package version was downloaded. It then removed the affected versions and released a clean replacement package. Injective said the malicious package recorded zero downloads before it was deprecated. Therefore, developers using the project’s SDK were not exposed through that package. The update comes as crypto projects face growing risks from software supply chain attacks. Moreover, Injective said its response prevented user exposure before the issue reached production use. Injective Responds to npm Package