The incident highlights the critical need for enhanced security measures in software supply chains to protect sensitive crypto assets.
The post Hackers attempt to backdoor Injective npm package to steal wallet keys appeared first on Crypto Briefing.
The post Compromised Injective SDK sends wallet keys through fake telemetry appeared on BitcoinEthereumNews.com.
A malicious update to an Injective developer package has exposed private keys and seed phrases after being downloaded more than 300 times, Socket has found. Summary Socket found that a compromised Injective npm package copied private keys and seed phrases through fake telemetry. The malicious version was downloaded more than 300 times and spread through 17 related Injective Labs packages. CertiK reported that wallet compromises caused $444 million in losses during the first half of 2026. According to security firm Socket, version 1.20.21 of the @injectivelabs/sdk-ts npm package, which has about 50,000 weekly downloads, was altered after a developer’s GitHub account was compromised. Suspicious commits began on June 8, and the malicious release was later pinned across 17 other packages under the Injective Labs npm scope. The security firm said the code intercepted wallet key-g
A malicious update to an Injective developer package has exposed private keys and seed phrases after being downloaded more than 300 times, Socket has found. According to security firm Socket, version 1.20.21 of the @injectivelabs/sdk-ts npm package, which has about…
The post Injective NPM Package Hacked to Steal Crypto Wallet Keys appeared on BitcoinEthereumNews.com.
Hackers compromised a widely used Injective software package in a supply chain attack with malware designed to steal crypto wallet private keys, adding to a growing attack vector involving attackers using legitimate platforms to deliver malicious payloads. Security firm Socket discovered on Thursday that a popular npm (node package manager) package with around 50,000 weekly downloads used for building on the Injective blockchain was maliciously modified to steal wallet private keys and seed phrases. The large number of downloads makes the incident “significant for developers and applications that handle Injective wallet workflows,” Socket researchers said. The malicious code has since been removed. The software supply chain attack is a relatively new attack vector in which hackers don’t target a blockchain’s cryptography or smart contracts directly, but instead compromise trusted deve
The post USDC Controversy: A Legal Challenge for Stablecoin Giant Circle appeared on BitcoinEthereumNews.com.
Circle, known for issuing the USDC stablecoin, is entangled in legal issues in Wisconsin, with accusations of resisting a court decree. The involvement stems from claims that Circle hasn’t acted to restitution certain crypto assets allegedly obtained via fraudulent means. Continue Reading:USDC Controversy: A Legal Challenge for Stablecoin Giant Circle Source: https://en.bitcoinhaber.net/usdc-controversy-a-legal-challenge-for-stablecoin-giant-circle
The post Operation First Light 2026 Hits Crypto Launderers, 5,811 Arrested appeared on BitcoinEthereumNews.com.
INTERPOL coordinated arrests across 97 countries in a four-month anti-fraud operation. Authorities intercepted $293 million in fiat and crypto assets. One Thai suspect’s wallet processed over $122.5 million in romance scam proceeds. China’s Ministry of Public Security funded the operation, raising political questions. INTERPOL announced on July 9 that Operation First Light 2026, a coordinated anti-fraud campaign involving 97 countries and territories, produced 5,811 arrests and intercepted $293 million in illicit assets between January 15 and April 30. The operation targeted social engineering fraud, the family of scams that manipulates human trust rather than software vulnerabilities, along with the laundering infrastructure that moves the proceeds. Investigators identified over 142,000 victims worldwide in a four-month window, and the recovered funds cover only a small frac
INTERPOL coordinated arrests across 97 countries in a four-month anti-fraud operation. Authorities intercepted $293 million in fiat and crypto assets. One Thai suspect’s wallet processed over $122.5 million in romance scam proceeds. China’s Ministry of Public Security funded the operation, raising political questions. INTERPOL announced on July 9 that Operation First Light 2026, a coordinated [...]
Windows 11 updates could soon include fixes for more security issues at once. Microsoft said in a blog post on Thursday that it's now using AI to "identify potential issues earlier," which means "customers will see a higher volume of security updates included in each security release."
Hackers, even amateurs, have increasingly been using AI to quickly exploit security weaknesses over the past several months. Security researchers are also using AI to find issues faster, leading to more frequent high-severity vulnerabilities, like the "Copy Fail" exploit that impacted nearly every Linux distribution in May. Similarly, when Anthropic announce …
Read the full story at The Verge.