A significant npm supply chain attack compromised 18 widely used packages to hijack cryptocurrency wallets at the browser level, affecting over 2 billion weekly downloads and potentially exposing Web3 application users to wallet hijacking. The malicious code targets browser-level crypto transactions, intercepting network traffic and rewriting addresses to make fraudulent transfers appear legitimate.