Injective: The npm package-related security issues have been resolved, and users’ funds have not suffered any losses

robot
Abstract generation in progress
Golden Finance reported that on July 11, Injective’s official account posted on social media stating that recently, there were media reports about “potential security vulnerabilities involving the Injective npm software package.” The issue has now been discovered and resolved immediately. User funds were never at risk and no losses were incurred.
The official said its security monitoring system detected the issue at the first moment and quickly marked the affected package versions as deprecated, while replacing them with new versions, thereby blocking the risk before any malicious package could be downloaded. Therefore, the malicious package had zero downloads and caused no impact to users, and users’ funds security was also not threatened.
Injective’s npm packages are among the most widely used SDKs in the cryptocurrency industry. The official has already implemented optimization measures to ensure that such attack attempts cannot happen again.
INJ1.64%
View Original
This page may contain third-party content, which is provided for information purposes only (not representations/warranties) and should not be considered as an endorsement of its views by Gate, nor as financial or professional advice. See Disclaimer for details.
  • Reward
  • Comment
  • Repost
  • Share
Comment
Add a comment
Add a comment
No comments
  • Pinned