X @Ivan on Tech π³ππ°
Ivan on Tech π³ππ°Β·2025-09-08 18:09
RT Charles Guillemet (@P3b7_)π¨ Thereβs a large-scale supply chain attack in progress: the NPM account of a reputable developer has been compromised. The affected packages have already been downloaded over 1 billion times, meaning the entire JavaScript ecosystem may be at risk.The malicious payload works by silently swapping crypto addresses on the fly to steal funds.If you use a hardware wallet, pay attention to every transaction before signing and you're safe.If you donβt use a hardware wallet, refrain fro ...