Unknown threat actors compromised the Injective Labs SDK
project's GitHub repository and leveraged it to publish a malicious
package on the npm registry to steal cryptocurrency wallet private
keys and mnemonic seed phrases. The compromised version,
@injectivelabs/Cette adresse e-mail est protégée contre les robots spammeurs. Vous devez activer le JavaScript pour la visualiser. , came embedded with fake telemetry
functionality that exfiltrated data from cryptocurrency wallets.
The version was
Read more https://thehackernews.com/2026/07/injective-labs-github-compromise-pushes.html

