Modified package published to npm, containing malware that exfiltrates private key material

High severity GitHub Reviewed Published Dec 4, 2024 in solana-foundation/solana-web3.js • Updated Jan 22, 2026

No open alerts for this advisory

Give feedback on Dependabot alerts