Slow Mist Technology Warns: Attackers use SVG replacement to poison supply chains

According to PANews, 23pds, chief information security officer of Slow Mist Technology, posted on the X platform that the attacker recently poisoned the NPM supply chain and replaced the SVG referenced by the decentralized platform with embedded malicious script files. The attacker used SVG's XSS pop-up window to induce DApp users to sign and steal assets. Slow fog technology reminds users to pay attention to safety.