Top

Injective says it blocked npm package hack attempt, no funds lost

July 10, 2026, 1:13 PM
Injective (INJ) announced on X that it detected and immediately blocked a hacking attempt targeting its npm package, confirming that no user funds were affected. The statement follows reports from some media outlets suggesting a potential hack. Injective explained that its security monitoring system caught the issue instantly, allowing the team to deprecate the malicious package version before it could be downloaded and replace it with a new one. As a result, the project stated that there were zero downloads of the malicious package and no risk to user funds. Injective also emphasized that in the roughly five years since its mainnet launch, no on-chain vulnerabilities have ever been exploited.

Leave the first comment

You need to log in to leave a comment.
Log In
Loading