Crypto Hardware Wallet Ledger's Supply Chain Breach Results in $600,000 Theft

Crypto hardware wallet maker Ledger published a new version of its "@ledgerhq/connect-kit" npm module after unidentified threat actors pushed malicious code that led to the theft of more than $600,000 in virtual assets.
The compromise was the result of a former employee falling victim to a phishing attack, the company said in a statement.
This allowed the attackers to gain

assets attack breach code compromise connect crypto employee hardware kit led ledger malicious npm phishing phishing attack result results supply supply chain supply chain breach theft threat threat actors version victim virtual wallet