Supply Chain Attack Threatens Crypto Ecosystem: Over 1 Billion Downloads at Risk

A major supply chain attack targeting JavaScript packages has raised alarms in the cryptocurrency world. Ledger’s CTO Charles Guillemet issued a warning about compromised npm packages affecting crypto wallets globally, potentially impacting millions of users. The attack originated from a compromised developer account and puts over 1 billion downloads at risk. Experts urge caution with on-chain transactions to mitigate potential risks.

Guillemet stated that the attack’s impact could be widespread, encompassing critical cryptocurrencies like Ethereum (ETH), Bitcoin (BTC), and Solana (SOL). Users are advised to refrain from on-chain activities until the issue is resolved, to avoid address substitution attacks and the resulting financial losses. This incident highlights the vulnerability of software dependencies within the crypto ecosystem and emphasizes the need for heightened cybersecurity measures.