<?xml version="1.0" encoding="utf-8" standalone="yes"?><rss version="2.0" xmlns:atom="http://www.w3.org/2005/Atom"><channel><title>Npm on CuraSec</title><link>https://curasec.metacog.co.kr/tags/npm/</link><description>Recent content in Npm on CuraSec</description><generator>Hugo</generator><language>en-us</language><lastBuildDate>Sat, 11 Jul 2026 11:49:48 +0000</lastBuildDate><atom:link href="https://curasec.metacog.co.kr/tags/npm/index.xml" rel="self" type="application/rss+xml"/><item><title>Injective Labs GitHub Compromise Plants Wallet-Stealing npm Package</title><link>https://curasec.metacog.co.kr/insights/2026-07-11-injective-labs-github-compromise-pushes-wallet-key-stealing/</link><pubDate>Sat, 11 Jul 2026 11:49:48 +0000</pubDate><guid>https://curasec.metacog.co.kr/insights/2026-07-11-injective-labs-github-compromise-pushes-wallet-key-stealing/</guid><description>&lt;ul>
&lt;li>&lt;strong>Engineer — Act:&lt;/strong> Confirmed supply-chain attack: audit all dependency trees and package-lock files for @injectivelabs/sdk-ts@1.20.21; if found in any build artifact or runtime environment, treat wallet private keys and seed phrases as compromised and rotate immediately.&lt;/li>
&lt;li>&lt;strong>SOC/IR — Act:&lt;/strong> Sweep CI/CD build logs, container image layers, and package manifests across all repositories for @injectivelabs/sdk-ts version 1.20.21; any positive hit should trigger an incident investigation for outbound exfiltration from build environments.&lt;/li>
&lt;li>&lt;strong>Leader — Learn:&lt;/strong> A confirmed GitHub-to-npm supply-chain attack targeting crypto wallet credentials; worth referencing in supply-chain security policy discussions, and escalate to Act if the organization has products or vendors with Web3/DeFi dependencies.&lt;/li>
&lt;/ul></description></item></channel></rss>