The widely-used LottieFiles Lotti-Player project fell victim to a supply chain attack, embedding a crypto drainer into websites to steal visitors' cryptocurrency.
nostr:npub1az9xj85cmxv8e9j9y80lvqp97crsqdu2fpu3srwthd99qfu9qsgstam8y8 , nostr:npub1p4kg8zxukpym3h20erfa3samj00rm2gt4q5wfuyu3tg0x3jg3gesvncxf8 and nostr:npub1zxu639qym0esxnn7rzrt48wycmfhdu3e5yvzwx7ja3t84zyc2r8qz8cx2y discuss the attack, and what we can learn from it, in BR087.