CuraSec

tag: Credential-Theft · 1 items

2026-07-11 · The Hacker News · source ↗ #supply-chain#npm#credential-theft
  • Engineer — Act: Confirmed supply-chain attack: audit all dependency trees and package-lock files for @injectivelabs/sdk-ts@1.20.21; if found in any build artifact or runtime environment, treat wallet private keys and seed phrases as compromised and rotate immediately.
  • SOC/IR — Act: Sweep CI/CD build logs, container image layers, and package manifests across all repositories for @injectivelabs/sdk-ts version 1.20.21; any positive hit should trigger an incident investigation for outbound exfiltration from build environments.
  • Leader — Learn: A confirmed GitHub-to-npm supply-chain attack targeting crypto wallet credentials; worth referencing in supply-chain security policy discussions, and escalate to Act if the organization has products or vendors with Web3/DeFi dependencies.