Hackers compromised the Injective Labs SDK project and published a malicious npm package. The package stole cryptocurrency wallet private keys and mnemonic seed phrases. Security firms Socket, Ox Security, and StepSecurity detected the supply-chain attack. It affected version 1.20.21 of the @injectivelabs/sdk-ts package. Injective SDK Malware Reached npm Injective SDK is a TypeScript and JavaScript…