NPM Ecosystem Supply Chain Attack Follow-up Updates ✔️NPM Supply Chain Attack Theft Status - The current amount of theft is approximately $475 ✔️Statements from Major Projects Following the NPM Ecosystem Supply Chain Attack I. Commonalities - All platforms have confirmed that they are not using the affected vulnerable package versions - Users are safe from this attack and no further action is required II. Platform-Specific Security Measures and Comments - Uniswap: Ensures no vulnerable packages are used, and users are advised to be vigilant. - Solflare: Prevents supply chain attacks with version locking and thorough code review. - Ledger: Protects users with a secure chip and clear signing functionality, emphasizing on-screen transaction confirmation. - Jupiter: Ensures no vulnerable packages are used, and all products are safe. - MetaMask: Protects users with a multi-layered defense system, including version locking, LavaMoat, and Blockaid. - Phantom: Strengthens security with strict version locking, security reviews, multi-layer scanning, and an isolated build environment. - Magic Eden: Ensures your NFTs in your wallet are completely safe after today's massive hack. - Backpack: Review confirms that Backpack does not use any affected versions of vulnerable npm packages. - aave: Ensures it is not affected by the NPM package supply chain attack. - Safe: Not affected by the ongoing npm supply chain threat. - Morpho: Not affected by the NPM package situation. - Virtual Protocol: We are temporarily closing our website for maintenance while we perform a full security scan and upgrade our protections. - WalletConnect: We were not affected by the supply chain attack. None of the compromised packages are directly dependent on us. #hack