Injective SDK Compromised in Supply Chain Attack to Steal Private Keys

The Injective developer ecosystem has been hit by a serious software supply chain compromise after a malicious version of its TypeScript SDK was published to npm. Security researchers identified @injectivelabs/[email protected] as the affected release, with code designed to steal wallet private keys and mnemonic phrases.
