Dark | Light
[GUEST ACCESS MODE: Data is scrambled or limited to provide examples. Make requests using your API key to unlock full data. Check https://lunarcrush.ai/auth for authentication information.]

# ![@P3b7_ Avatar](https://lunarcrush.com/gi/w:26/cr:twitter::1041276721759043584.png) @P3b7_ Charles Guillemet

A large-scale supply chain attack is underway after a reputable developer's npm account was compromised, with over X billion downloads of affected packages, potentially putting the entire JavaScript ecosystem at risk. The attack involves malicious payloads that silently swap cryptocurrency addresses. Users without hardware wallets with clear signing are at risk.

### Engagements: XXXXXX [#](/creator/twitter::1041276721759043584/interactions)
![Engagements Line Chart](https://lunarcrush.com/gi/w:600/cr:twitter::1041276721759043584/c:line/m:interactions.svg)

- X Week XXXXXXX +60%
- X Month XXXXXXX -XX%
- X Months XXXXXXXXXX +3,458%
- X Year XXXXXXXXXX +3,019%

### Mentions: XX [#](/creator/twitter::1041276721759043584/posts_active)
![Mentions Line Chart](https://lunarcrush.com/gi/w:600/cr:twitter::1041276721759043584/c:line/m:posts_active.svg)

- X Week XX -XX%
- X Month XX +134%
- X Months XXX +148%
- X Year XXX +172%

### Followers: XXXXXX [#](/creator/twitter::1041276721759043584/followers)
![Followers Line Chart](https://lunarcrush.com/gi/w:600/cr:twitter::1041276721759043584/c:line/m:followers.svg)

- X Week XXXXXX +0.31%
- X Month XXXXXX +0.03%
- X Months XXXXXX +171%
- X Year XXXXXX +204%

### CreatorRank: XXXXXXX [#](/creator/twitter::1041276721759043584/influencer_rank)
![CreatorRank Line Chart](https://lunarcrush.com/gi/w:600/cr:twitter::1041276721759043584/c:line/m:influencer_rank.svg)

### Social Influence [#](/creator/twitter::1041276721759043584/influence)
---

**Social category influence**
[finance](/list/finance)  XXXXX% [countries](/list/countries)  XXXX%

**Social topic influence**
[transaction](/topic/transaction) #26, [has been](/topic/has-been) #3854, [javascript](/topic/javascript) 3.85%, [dapp](/topic/dapp) 3.85%, [live on](/topic/live-on) 3.85%, [hex](/topic/hex) 3.85%, [blockchain](/topic/blockchain) 3.85%, [agencies](/topic/agencies) 3.85%, [exchanges](/topic/exchanges) 3.85%, [$135m](/topic/$135m) XXXX%

**Top accounts mentioned or mentioned by**
[@ledger](/creator/undefined) [@lemiscate](/creator/undefined) [@0xgomes](/creator/undefined) [@captindelta](/creator/undefined) [@bitwux](/creator/undefined) [@thebullishbit](/creator/undefined) [@blockchainbrea2](/creator/undefined) [@yubweqmf](/creator/undefined) [@huevatoi](/creator/undefined) [@patrickalphac](/creator/undefined) [@lordchampaqui](/creator/undefined) [@1inch](/creator/undefined) [@titled4f](/creator/undefined) [@metamask](/creator/undefined) [@cliffinkent](/creator/undefined) [@donjonledger](/creator/undefined) [@wirelyss](/creator/undefined) [@gladstein](/creator/undefined) [@jayedii](/creator/undefined) [@zachxbt](/creator/undefined)
### Top Social Posts [#](/creator/twitter::1041276721759043584/posts)
---
Top posts by engagements in the last XX hours

"๐Ÿšจ Theres a large-scale supply chain attack in progress: the NPM account of a reputable developer has been compromised. The affected packages have already been downloaded over X billion times meaning the entire JavaScript ecosystem may be at risk. The malicious payload works by silently swapping crypto addresses on the fly to steal funds. If you use a hardware wallet pay attention to every transaction before signing and you're safe. If you dont use a hardware wallet refrain from making any on-chain transactions for now. Its still unclear whether the attacker is also stealing seeds from"  
[X Link](https://x.com/P3b7_/status/1965094840959410230) [@P3b7_](/creator/x/P3b7_) 2025-09-08T16:48Z 42.9K followers, 9.7M engagements


"Clear Signing and Transaction Checks are available for Aave Its simple connect wallet to Aave using WC then follow the steps in Ledger Live. On your device you can verify exactly what youre signing and even view the results of transaction simulations. Earn yield on your assets while keeping full self-custody and end-to-end security. If your favorite dApp is not yet clear-signed simply ask them to add the support here. It's really easy for them"  
[X Link](https://x.com/P3b7_/status/1978478827371110666) [@P3b7_](/creator/x/P3b7_) 2025-10-15T15:11Z 42.9K followers, 39.6K engagements


"๐Ÿ”ฅ Clear Signing on Safe is here with Ledger Multisig. Tens of billions in assets are secured by Safe the gold standard for onchain multisig. But nearly every team using it shares the same fatal flaw: blind signing. Youre asked to approve a treasury transaction and all you see is a random hex string. Youre forced to trust your browser. Thats not security. Thats a gamble. And a lot of people are losing at this game. Today were fixing it. Introducing Ledger Multisig built on Safe powered by Ledgers world-class hardware security. Its the missing link: the security and clarity layer every"  
[X Link](https://x.com/P3b7_/status/1981340675959369939) [@P3b7_](/creator/x/P3b7_) 2025-10-23T12:43Z 42.9K followers, 167.6K engagements


"Swap on @1inch directly with your Ledger device with Clear signing and Transaction checks. You don't even need an extension or anything in the middle. USB and BLE are available. Enjoy"  
[X Link](https://x.com/P3b7_/status/1981345113826562139) [@P3b7_](/creator/x/P3b7_) 2025-10-23T13:01Z 42.9K followers, 18K engagements


"Monero appears to be in the midst of a successful XX% attack. The privacy-focused blockchain launched in 2014 and long targeted by governments and 3-letters agencies is already banned from most major centralized exchanges. The Qubic mining pool has been amassing hashrate for months and now controls a majority of the network. A major chain reorganization was detected this morning. With its current dominance Qubic can rewrite the blockchain enable double-spending and censor any transaction. Sustaining this attack is estimated to cost $XX million per day. While potentially lucrative it threatens"  
[X Link](https://x.com/P3b7_/status/1955173413992984988) [@P3b7_](/creator/x/P3b7_) 2025-08-12T07:44Z 42.9K followers, 1M engagements


"$1.35M was stolen from a Thorchain cofounder. Yet another reminder: if your keys are stored in a software wallet youre only one malicious code execution away from losing everything. In this case the victim didnt even sign a malicious transaction the malware simply stole the keys. Honestly its insane to keep that much money in a software wallet. If you leave significant funds there its not a question of if youll be drained but when"  
[X Link](https://x.com/P3b7_/status/1966426113967583603) [@P3b7_](/creator/x/P3b7_) 2025-09-12T08:58Z 42.9K followers, 88.4K engagements


"While Frances political scene descends into chaos I came across an FT piece pointing out that French corporate bonds now yield less than French government bonds. In other words the market thinks France corp. is a safer bet than the French state itself"  
[X Link](https://x.com/P3b7_/status/1975266294674120781) [@P3b7_](/creator/x/P3b7_) 2025-10-06T18:25Z 42.9K followers, 3987 engagements


"@Cliffinkent Potentially all chains"  
[X Link](https://x.com/P3b7_/status/1965101115164549186) [@P3b7_](/creator/x/P3b7_) 2025-09-08T17:13Z 42.9K followers, 378.3K engagements


"If you use a Ledger or hardware wallet with clear signing you are not at risk. My tweet above is warning people who do not use a hardware wallet with clear signing of the risk. Always review every transaction before you sign"  
[X Link](https://x.com/P3b7_/status/1965117765137957113) [@P3b7_](/creator/x/P3b7_) 2025-09-08T18:19Z 42.9K followers, 435.4K engagements


"There's a typo in the tweet above: Multisig is a paid service as indicated in the doc and announced during Ledger Op3n. The EVM version of Multisig is built on Safe but we went much further adding Clear Signing Transaction Check and Trusted Name to make create the security layer. That requires significant engineering work ongoing infrastructure 3rd party paid services and audits to maintain enterprise-grade security. The service fee reflects the cost of sustaining and evolving that protection over time"  
[X Link](https://x.com/P3b7_/status/1981751524339413413) [@P3b7_](/creator/x/P3b7_) 2025-10-24T15:55Z 42.9K followers, 22.4K engagements


"โš  Our white hat team the @DonjonLedger discovered a flaw in Tangem cards that makes brute force attacks possible. As always the Donjon followed responsible disclosure to inform Tangem user protection is our priority. We can now reveal our findings in full: ๐Ÿงต๐Ÿ‘‡"  
[X Link](https://x.com/P3b7_/status/1968313961486614723) [@P3b7_](/creator/x/P3b7_) 2025-09-17T13:59Z 42.9K followers, 235.9K engagements


"@wirelyss @gladstein The NFTs are safe if they are using a Ledger"  
[X Link](https://x.com/P3b7_/status/1981113941658136793) [@P3b7_](/creator/x/P3b7_) 2025-10-22T21:42Z 42.9K followers, 15.1K engagements


"@theBullishBit Check the video or give it a try"  
[X Link](https://x.com/P3b7_/status/1982093358320570484) [@P3b7_](/creator/x/P3b7_) 2025-10-25T14:34Z 42.9K followers, XX engagements

[GUEST ACCESS MODE: Data is scrambled or limited to provide examples. Make requests using your API key to unlock full data. Check https://lunarcrush.ai/auth for authentication information.]

@P3b7_ Avatar @P3b7_ Charles Guillemet

A large-scale supply chain attack is underway after a reputable developer's npm account was compromised, with over X billion downloads of affected packages, potentially putting the entire JavaScript ecosystem at risk. The attack involves malicious payloads that silently swap cryptocurrency addresses. Users without hardware wallets with clear signing are at risk.

Engagements: XXXXXX #

Engagements Line Chart

  • X Week XXXXXXX +60%
  • X Month XXXXXXX -XX%
  • X Months XXXXXXXXXX +3,458%
  • X Year XXXXXXXXXX +3,019%

Mentions: XX #

Mentions Line Chart

  • X Week XX -XX%
  • X Month XX +134%
  • X Months XXX +148%
  • X Year XXX +172%

Followers: XXXXXX #

Followers Line Chart

  • X Week XXXXXX +0.31%
  • X Month XXXXXX +0.03%
  • X Months XXXXXX +171%
  • X Year XXXXXX +204%

CreatorRank: XXXXXXX #

CreatorRank Line Chart

Social Influence #


Social category influence finance XXXXX% countries XXXX%

Social topic influence transaction #26, has been #3854, javascript 3.85%, dapp 3.85%, live on 3.85%, hex 3.85%, blockchain 3.85%, agencies 3.85%, exchanges 3.85%, $135m XXXX%

Top accounts mentioned or mentioned by @ledger @lemiscate @0xgomes @captindelta @bitwux @thebullishbit @blockchainbrea2 @yubweqmf @huevatoi @patrickalphac @lordchampaqui @1inch @titled4f @metamask @cliffinkent @donjonledger @wirelyss @gladstein @jayedii @zachxbt

Top Social Posts #


Top posts by engagements in the last XX hours

"๐Ÿšจ Theres a large-scale supply chain attack in progress: the NPM account of a reputable developer has been compromised. The affected packages have already been downloaded over X billion times meaning the entire JavaScript ecosystem may be at risk. The malicious payload works by silently swapping crypto addresses on the fly to steal funds. If you use a hardware wallet pay attention to every transaction before signing and you're safe. If you dont use a hardware wallet refrain from making any on-chain transactions for now. Its still unclear whether the attacker is also stealing seeds from"
X Link @P3b7_ 2025-09-08T16:48Z 42.9K followers, 9.7M engagements

"Clear Signing and Transaction Checks are available for Aave Its simple connect wallet to Aave using WC then follow the steps in Ledger Live. On your device you can verify exactly what youre signing and even view the results of transaction simulations. Earn yield on your assets while keeping full self-custody and end-to-end security. If your favorite dApp is not yet clear-signed simply ask them to add the support here. It's really easy for them"
X Link @P3b7_ 2025-10-15T15:11Z 42.9K followers, 39.6K engagements

"๐Ÿ”ฅ Clear Signing on Safe is here with Ledger Multisig. Tens of billions in assets are secured by Safe the gold standard for onchain multisig. But nearly every team using it shares the same fatal flaw: blind signing. Youre asked to approve a treasury transaction and all you see is a random hex string. Youre forced to trust your browser. Thats not security. Thats a gamble. And a lot of people are losing at this game. Today were fixing it. Introducing Ledger Multisig built on Safe powered by Ledgers world-class hardware security. Its the missing link: the security and clarity layer every"
X Link @P3b7_ 2025-10-23T12:43Z 42.9K followers, 167.6K engagements

"Swap on @1inch directly with your Ledger device with Clear signing and Transaction checks. You don't even need an extension or anything in the middle. USB and BLE are available. Enjoy"
X Link @P3b7_ 2025-10-23T13:01Z 42.9K followers, 18K engagements

"Monero appears to be in the midst of a successful XX% attack. The privacy-focused blockchain launched in 2014 and long targeted by governments and 3-letters agencies is already banned from most major centralized exchanges. The Qubic mining pool has been amassing hashrate for months and now controls a majority of the network. A major chain reorganization was detected this morning. With its current dominance Qubic can rewrite the blockchain enable double-spending and censor any transaction. Sustaining this attack is estimated to cost $XX million per day. While potentially lucrative it threatens"
X Link @P3b7_ 2025-08-12T07:44Z 42.9K followers, 1M engagements

"$1.35M was stolen from a Thorchain cofounder. Yet another reminder: if your keys are stored in a software wallet youre only one malicious code execution away from losing everything. In this case the victim didnt even sign a malicious transaction the malware simply stole the keys. Honestly its insane to keep that much money in a software wallet. If you leave significant funds there its not a question of if youll be drained but when"
X Link @P3b7_ 2025-09-12T08:58Z 42.9K followers, 88.4K engagements

"While Frances political scene descends into chaos I came across an FT piece pointing out that French corporate bonds now yield less than French government bonds. In other words the market thinks France corp. is a safer bet than the French state itself"
X Link @P3b7_ 2025-10-06T18:25Z 42.9K followers, 3987 engagements

"@Cliffinkent Potentially all chains"
X Link @P3b7_ 2025-09-08T17:13Z 42.9K followers, 378.3K engagements

"If you use a Ledger or hardware wallet with clear signing you are not at risk. My tweet above is warning people who do not use a hardware wallet with clear signing of the risk. Always review every transaction before you sign"
X Link @P3b7_ 2025-09-08T18:19Z 42.9K followers, 435.4K engagements

"There's a typo in the tweet above: Multisig is a paid service as indicated in the doc and announced during Ledger Op3n. The EVM version of Multisig is built on Safe but we went much further adding Clear Signing Transaction Check and Trusted Name to make create the security layer. That requires significant engineering work ongoing infrastructure 3rd party paid services and audits to maintain enterprise-grade security. The service fee reflects the cost of sustaining and evolving that protection over time"
X Link @P3b7_ 2025-10-24T15:55Z 42.9K followers, 22.4K engagements

"โš  Our white hat team the @DonjonLedger discovered a flaw in Tangem cards that makes brute force attacks possible. As always the Donjon followed responsible disclosure to inform Tangem user protection is our priority. We can now reveal our findings in full: ๐Ÿงต๐Ÿ‘‡"
X Link @P3b7_ 2025-09-17T13:59Z 42.9K followers, 235.9K engagements

"@wirelyss @gladstein The NFTs are safe if they are using a Ledger"
X Link @P3b7_ 2025-10-22T21:42Z 42.9K followers, 15.1K engagements

"@theBullishBit Check the video or give it a try"
X Link @P3b7_ 2025-10-25T14:34Z 42.9K followers, XX engagements

creator/x::P3b7_
/creator/x::P3b7_