🚨Two versions (1.95.6 and 1.95.7) of the popular solana/web3.js npm library were recently disovered to be malicious, harvesting private keys to drain wallets.
NVK (npub1az9…m8y8) , craigraw (npub1hea…g9v2) & Rob1Ham (npub1emd…c9aw) discuss the lessons to be learned from this incident in BR089.