Avoid signing any crypto transactions at the moment.

A major supply chain attack has hit widely used NPM packages, potentially compromising the frontends of several crypto platforms.

The exploit silently replaces destination addresses in transactions and approvals with those controlled by the attacker. So even trusted sites may redirect your funds.

Stay alert and wait for verified updates before interacting with any dApps.

source: ledger CTO's post:

https://x.com/P3b7_/status/1965094840959410230?t=IE0WZMm_u3w8eW5G3iyzvg&s=19