github_repo
InjectiveLabs/injective-ts
discovered 2026-07-09
Legitimate/VICTIM upstream repo (not attacker infrastructure). A trusted contributor's account here was compromised; attacker created a test-backdoor-check branch to validate push access before the payload commit. Compromised-version GitHub release artifacts remained downloadable on the Releases page at time of writing.