Update on the NPM attack: The attack fortunately failed, with almost no victims. đ
It all started with a phishing email from a fake npm support domain, which stole credentials and allowed the attackers to publish malicious updates to packages. The injected code targeted crypto activity on the web, intercepted transactions on Ethereum, Solana, and other blockchains, and replaced wallet addresses directly in network responses.
The attackers' mistakes caused crashes in the CI/CD pipelines, which led to quick detection and limited impact. But this remains a clear reminder: if your funds are in a software wallet or on an exchange platform, a simple code execution can make everything disappear. Supply chain compromises remain a very powerful vector for malware distribution, and targeted attacks are becoming more frequent.
Hardware wallets are designed to withstand these threats. Features like clear signing allow for precise confirmation of what is happening, and transaction checks report any suspicious activity before it is too late.
The immediate danger is averted, but the threat persists. Stay vigilant.
