The widely-used LottieFiles Lotti-Player project fell victim to a supply chain attack, embedding a crypto drainer into websites to steal visitors' cryptocurrency.
NVK (npub1az9…m8y8) , Paul (npub1p4k…cxf8) and justinmoon (npub1zxu…cx2y) discuss the attack, and what we can learn from it, in BR087.