TechFlow news — On December 4, SlowMist's Yu Xian posted on X stating: "Beware of supply chain poisoning in @solana/web3.js. Known versions 1.95.6 and 1.95.7 contain backdoor code that steals user private keys. Newer versions no longer carry this risk. Well-known wallets have not been found vulnerable, but actual attacks have occurred."
Yu Xian speculated that the breach might have affected third-party private key-related tools (including bots) that promptly update their dependencies. The malicious versions were live for only a few hours before being detected and taken down. Users employing this package should carefully audit their systems.
Earlier, community members reported that versions 1.95.6 and 1.95.7 of @solana/web3.js have been confirmed to have security vulnerabilities. If any service operated by users includes an address blacklist function, the following address should be added: FnvLGtucz4E1ppJHRTev6Qv4X7g8Pw6WPStHCcbAKbfx.




