In a recent turn of events, Ledger, a prominent hardware wallet provider, faced a security breach that sent shockwaves through the cryptocurrency community. The breach, initiated by a malevolent version of the npm package @ledgerhq/connect-kit, posed a severe risk to users’ digital assets. Security research firm SlowMist Team sounded the alarm, unveiling a covert threat within the @ledgerhq/connect-kit package on the npm repository. Ledger This malicious package harbored a concealed backdoor capable of pilfering users’ private keys—a potential catastrophe for those invested in the volatile world of cryptocurrency.
Source: GBHackers