quotingLedger patched a vulnerable library in their Connect Kit today. Summary from someone on Elons app:
note1env…geza
1. They are loading JS from a CDN.
2. They are not version locking loaded JS.
3. They had their CDN compromised.
franzap on Nostr: Security blunder one after the other. How do people still trust Ledger ...
Security blunder one after the other. How do people still trust Ledger