A software supply chain attack has compromised the @solana/web3.js npm library, allowing hackers to publish malicious versions designed to harvest private keys from developers and users.
View full story…