Injective says it blocked npm package hack attempt, no funds lost
July 10, 2026, 1:13 PM
Injective (INJ) announced on X that it detected and immediately blocked a hacking attempt targeting its npm package, confirming that no user funds were affected. The statement follows reports from some media outlets suggesting a potential hack. Injective explained that its security monitoring system caught the issue instantly, allowing the team to deprecate the malicious package version before it could be downloaded and replace it with a new one. As a result, the project stated that there were zero downloads of the malicious package and no risk to user funds. Injective also emphasized that in the roughly five years since its mainnet launch, no on-chain vulnerabilities have ever been exploited.
Leave the first comment
You need to log in to leave a comment.
Log In