Corpus graph preview Actor to Incident

Supply Chain Graph Pan, zoom, and select actor, campaign, and incident tiers.

Supply Chain Incident

Focused Graph View

The persistent graph is framed to this incident while the canonical page heading and details continue below.

262 nodes 451 edges Cold links hydrate here

Supply Chain Incident

LottieFiles lottie-player npm package compromise

Compromised releases of the @lottiefiles/lottie-player npm package injected malicious wallet-draining code into downstream web applications.

ConfidenceHigh

Evidence LevelVendor

Attack StageAccount Compromise

Source Artifact DivergenceNo

Affected Packages

@lottiefiles/lottie-player

Affected Releases

No structured records.

Repositories

No structured records.

Organizations

LottieFiles

Maintainers

No structured records.

Threat Actors

No structured records.

Campaigns

No structured records.

Build Systems

No structured records.

Distribution Channels

npm registry

Compromised Accounts

@lottiefiles/lottie-player npm publish account

Connected Entities

@lottiefiles/lottie-player Package
@lottiefiles/lottie-player npm publish account Compromised Account
LottieFiles Organization
npm registry Distribution Channel

References

Resolution of Security Incident with @lottiefiles/lottie-player Package LottieFiles · 2024-10-31