Backdoor slips into popular code library, drains ~$155k from digital wallets
Backdoor slips into popular code library, drains ~$155k from digital wallets

arstechnica.com
Backdoor slipped into popular code library, drains ~$155k from digital wallets

That's super interesting. From the sound of it, the Maintainers must have been targeted to force a malicious Pull Request to be accepted. That article showed some of the code from the commit. I am not a Solana developer but understood enough to know what it was doing and that no maintainer should have approved it willingly.
I wonder if those maintainers will end up having any liability for the hack.
https://github.com/solana-labs/solana-web3.js/releases/tag/v1.95.8
If your protocol has the tendency to expose its private key, that seems like a protocol issue to me
They're a crypto company. I'll give you three guesses