Ledger suffered a supply chain attack. A library called connect-kit, which allows developers to connect decentralized applications (DApps) to Ledger hardware wallets, has been compromised. By injecting wallet-draining payloads into popular NPM packages, attackers can potentially impact numerous DApps, including Hey. Sushi CTO warned against using DApps that utilize LedgerHQ/connect-kit until further notice. This incident highlights the importance of supply chain security in the blockchain industry and highlights the need for increased vigilance and caution when using DApps.
Cryptocurrency Live News