SlowMist founder: The previous version of Solana/Web3.js library had a supply chain poisoning incident, which has now been fixed

PANews reported on December 4 that SlowMist founder Yu Xian issued a warning that the 1.95.6 and 1.95.7 versions of the @solana/web3.js library had supply chain poisoning incidents, and these versions contained backdoor code that could steal user private keys. The new version has fixed the security risk, and mainstream well-known wallets have not been found to be affected.

It is reported that there have been real attack cases. Since the malicious version survived only a few hours before being discovered and removed from the shelves, the victims may be third-party private key-related tools or robots that timely update the dependency packages. Yu Xian reminds developers to check the versions of the relevant dependency packages used in the project in a timely manner.

Share to:

Author: PA一线

This content is for informational purposes only and does not constitute investment advice.

Follow PANews official accounts, navigate bull and bear markets together
Telegram Discussion Group
Telegram News Channel
@PANews
Recommended Reading
15 hour ago
16 hour ago
17 hour ago
18 hour ago
2025-12-26 08:58
2025-12-26 03:53

Popular Articles

Industry News
Market Trends
Curated Readings
Subscribe

Curated Series

App内阅读