Security News Injective Labs GitHub Compromise Pushes Wallet-Key-Stealing npm Packages TheHackerNews Daniel Bender 10 Jul 2026 Share Unknown attackers compromised Injective Labs' GitHub repo to publish npm package 1.20.21, which steals wallet private keys and seed phrases.