The legitimate Solana JavaScript SDK was temporarily compromised yesterday in a supply chain attack, with the library backdoored with malicious code to steal cryptocurrency private keys and drain wallets.

Solana offers an SDK called "@solana/web3.js" used by decentralized applications (dApps) to connect and interact with the Solana blockchain.

Supply chain security firm Socket reports that Solana's Web3.js library was hijacked to push out two malicious versions to steal private and secret cryptography keys to secure wallets and sign transactions

Solana is a blockchain built for mass adoption ◎ Fast, composable, green, and globally distributed. 

https://solana.com

Farcaster by @solanafoundation