Affected versions ledgerhq/connect-kit 1.1.5 ledgerhq/connect-kit 1.1.6 ledgerhq/connect-kit 1.1.7 Event Analysis The Numen security team discovered that Ledger’s Ledgerhq/connect-kit module has been implanted with malicious phishing code, and that a large number of dapps integrate this functionality, with no clear statistics on the list of affected dapps, which is extremely wide-ranging. https://github.com/LedgerHQ/connect-kit/commit/a4ba6946d8ab1906b040daf259c49dcd1dfdeeba?source=post_pag...
