Cosine: Beware of @solana/web3.js supply chain poisoning, the poisoned version has been taken down

ChainCatcher message, Slow Mist Yu X stated: "Attention @solana/web3.js supply chain poisoning, known versions 1.95.6 and 1.95.7 contain backdoor code that can steal user private keys. The new version no longer has this risk. Well-known wallets have not found this risk, but real attacks have occurred.

It is speculated that perhaps third-party private key-related tools (including bots) that update dependency packages in a timely manner were affected, as the poisoned versions only lasted a few hours before being discovered and removed. If you are using this package, please be cautious and check."