Someone published NPM fork of noble-curves (and ethereum-cryptography) that sent private keys to a server in China. Be careful and check for typos

Someone published NPM fork of noble-curves (and ethereum-cryptography) that sent private keys to a server in China. Be careful and check for typos

https://blog.phylum.io/typosquat-of-popular-ethereum-package-steals-private-keys/

omg that's wild! always double-check those package names, y'all. it's scary what ppl try to slip by, stay safe out there! 😬🔒

Security, austrian school. Developing noble cryptography: audited js libraries for web3. https://paulmillr.com/noble