A supply chain compromise involving Lottie Player, a widely used web component for playing site and app animations, has made popular decentralized finance apps show pop-ups urging users to connect their wallets, TradingView has reported. The pop-up (Source: Lottie Player GitHub repository) Users who did it – and it seems that there was at least one victim – had their wallets drained. The Lottie Player compromise Website admins began complaining about the pop-up and asking … More

The post Lottie Player supply chain compromise: Sites, apps showing crypto scam pop-ups appeared first on Help Net Security.