PANews reported on September 17 that SlowMist Technology's Chief Information Security Officer 23pds posted on the X platform that attackers recently poisoned the NPM supply chain, replacing the SVG referenced by decentralized platforms with embedded malicious script files. They used SVG's XSS pop-up windows to trick DApp users into signing and stealing their assets. Attention should be paid to security.
SlowMist: Attackers use NPM poisoning to inject malicious SVG and trick DApp users into signing through XSS pop-ups to steal coins
Share to:
Author: PA一线
This content is for informational purposes only and does not constitute investment advice.
Follow PANews official accounts, navigate bull and bear markets together
Recommended Reading
