TI Mindmap HUB
Threat Intelligence Report

Compromised Injective SDK npm Package Exfiltrates Wallet Keys and Mnemonics

๐Ÿ“… July 9, 2026 ๐Ÿ“ฐ socket.dev ๐Ÿ” 0 CVE(s) referenced

A malicious version of the Injective SDK npm package covertly exfiltrated wallet private keys and mnemonics via fake telemetry, compromising the security of developers and users across at least 17 related packages before being quickly detected and deprecated.

vendor

Sign in to access the full report including:
detailed analysis, IOCs, MITRE ATT&CK mapping, and STIX bundle.

๐Ÿ” Sign In to Read Full Report

You'll need to accept our Terms of Service to access the platform.

๐Ÿ“Š Visual Mindmap
๐ŸŽฏ IOC Extraction
โš”๏ธ MITRE ATT&CK TTPs
๐Ÿ“ฆ STIX 2.1 Bundle