According to Deep Tide TechFlow, on December 4 SlowMist's Cosine posted on X: 'Be aware of supply chain poisoning of @solana/web3.js. Known versions 1.95.6 and 1.95.7 contain backdoor code that can steal user private keys. The new version no longer has this risk. Well-known wallets have not found this risk, but real attacks have occurred.'

Cosine speculates that the real attacks may be related to third-party private key tools (including bots) that updated their dependency packages promptly, since the poisoned versions were available for only a few hours before being discovered and taken down. Users should be cautious and check whether they are using this package.
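One way to run that check against an npm lockfile, as an added example that is not part of the original post: the function below reports every install of @solana/web3.js, direct or nested under another dependency, that is pinned to 1.95.6 or 1.95.7. The name `findPoisoned` and both sample lockfiles are constructed for illustration, and the code assumes the standard `package-lock.json` layouts (the `packages` map in lockfile versions 2 and 3, nested `dependencies` in version 1).

```javascript
// Added example: flags the two versions named in the advisory above.
const PKG = "@solana/web3.js";
const BAD_VERSIONS = new Set(["1.95.6", "1.95.7"]);
// Returns [{ path, version }] for every install of PKG at a flagged version.
// Handles lockfileVersion 2/3 ("packages" map keyed by node_modules path)
// and lockfileVersion 1 (recursively nested "dependencies").
function findPoisoned(lock) {
  const hits = [];
  if (lock.packages) {
    for (const [path, meta] of Object.entries(lock.packages)) {
      // Keys look like "node_modules/a/node_modules/@solana/web3.js".
      if (path.endsWith("node_modules/" + PKG) && BAD_VERSIONS.has(meta.version)) {
        hits.push({ path, version: meta.version });
      }
    }
    return hits;
  }
  const walk = (deps, trail) => {
    for (const [name, meta] of Object.entries(deps || {})) {
      const path = trail + "node_modules/" + name;
      if (name === PKG && BAD_VERSIONS.has(meta.version)) {
        hits.push({ path, version: meta.version });
      }
      walk(meta.dependencies, path + "/"); // transitive copies nested below
    }
  };
  walk(lock.dependencies, "");
  return hits;
}
// Constructed sample lockfiles (not real project data).
const sampleV3 = {
  packages: {
    "node_modules/@solana/web3.js": { version: "1.95.8" },
    "node_modules/some-wallet-tool/node_modules/@solana/web3.js": { version: "1.95.7" },
  },
};
const sampleV1 = {
  dependencies: {
    "some-wallet-tool": {
      version: "2.0.0",
      dependencies: { "@solana/web3.js": { version: "1.95.6" } },
    },
    "@solana/web3.js": { version: "1.95.5" },
  },
};
console.log(findPoisoned(sampleV3));
console.log(findPoisoned(sampleV1));
```

To check a real project, pass the parsed contents of its `package-lock.json` to `findPoisoned`; an empty array means neither flagged version is pinned in that lockfile.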

Previously, community users reported that versions 1.95.6 and 1.95.7 of @solana/web3.js had been confirmed to have security vulnerabilities. If the services that users operate have an address blacklist feature, the following address should be added to the blacklist: FnvLGtucz4E1ppJHRTev6Qv4X7g8Pw6WPStHCcbAKbfx.