Ledger's Connect Kit library, crucial for Ethereum-based dApps, faced a security breach today. A phishing attack on a former employee led to the injection of malicious code, putting users' tokens at risk. The exploit impacted various dApps, including SushiSwap and Phantom. Ledger has now rectified the issue, replacing the compromised library and enhancing security measures. Estimated losses are around $504k, impacting about 180 wallets across multiple blockchains.
