What does a large-scale NPM attack mean for cryptocurrencies: Is Ledger safe?

Recently, NPM supply chain hackers hacked the account of a maintenance worker through a phishing attack, and the malware was injected into packages with more than 2.6 billion downloads per week. The attack targets Web3 wallets such as MetaMask and Phantom, which hijacks cryptocurrency transactions by replacing target addresses, but the hardware wallet is still secure. Despite concerns about a drop in on-chain transaction volume, Bitcoin rose 1.4% to $113,000. The hackers stole only about $500, mainly meme coins.