Major Announcement! It has been some time since we made an update on Twitter. Don't worry, we didn't go anywhere, this was on purpose and a community decision from holders. I'm proud to FINALLY announce the opening of The Growerz Hub! 🚀 https://t.co/8OQ99OmQVq 🧵👇

Tomorrow, @SOL_Decoder will be back in DeFi Tuesday with @TerryMotive to go over "Valhalla Bot" 🔥 I've had the pleasure to see it in beta, and my oh my are yall gonna want to be here for this one! 🚀 LFGROW 🍃 💨

🚨 THC Labz Security Alert: Massive NPM Supply Chain Attack. Ledger CTO has revealed a compromise of NPM maintainer qix-'s account, infecting 18 packages with over 2B weekly downloads. Malware targets crypto transactions by swapping addresses silently. 🧵👇

@Ledger Update from @phantom https://t.co/fqDKUkVnBm

Conclusion: This attack is confirmed and unprecedented in scale. THC Labz advises: Secure assets NOW; monitor for updates. Resources provided—use them. Like/RT for awareness; follow us as we will provide an update and follow @Ledger for alerts. Notis on, we'll be watching... 🔔

Developer Protocols: Revert to pre-Sep 8 versions; script dependency tree audits; vet lockfile PRs rigorously. Isolate builds for testing; notify affected users promptly. THC Labz provides this as a resource—implement to mitigate spread and protect ecosystems. 🧵👇

Developers: Pin pre-compromise versions (e.g., error-ex@1.3.2), use npm ci, clear caches, run audits. Integrate Snyk/Dependabot for ongoing scans. 🧵👇

At Risk: Software wallet users (e.g. without hardware) or those on compromised apps. Hijacks occur instantly; funds lost permanently. Developers: If exposed, your users are endangered. Respond immediately. 🧵👇

Critical Alert: Safe vs. At Risk. Safe: Users with hardware wallets (Ledger/Trezor) who verify every transaction detail on-device—malware cannot alter confirmed data. 🧵👇

Blunt truth: Unprotected assets are vulnerable now. [Hackread: https://t.co/1tLGF9YU1z] 🧵👇

Asset Impact: Targets users via infected JS in dApps and sites. Silent redirects drain funds during DeFi swaps, bridges, and NFTs, ETH, SOL, BTC, etc., vanish without UI alerts. Millions at risk; developers propagate via builds. Parallels 2023 Ledger incident but scaled up. 🧵👇

Largest JS supply chain attack on record, amid 2025 trends (Nx in Aug, 'is' in Jul). Act on this intel. [Aikido: https://t.co/A6LL3BUuv6] [Bleeping: https://t.co/ISjn8N2Ttz] 🧵👇

Legitimacy Assessment: Fully verified. Reports from BleepingComputer, Aikido (detection at 13:16 UTC Sep 8), and Hackread align: Phishing enabled the breach; NPM removed packages, but cached versions persist. X thread has 6K+ engagements. 🧵👇

Malware uses regex for passive address scanning (e.g., ETH: 0x...) and active API overrides (e.g., eth_sendTransaction) for hijacks via lookalike swaps. No seed exfiltration confirmed. Substack analysis confirms obfuscated code. [Substack: https://t.co/owqU3WMFQR] 🧵👇

This is a critical threat—details follow. [Original Post: https://t.co/yxVTmOuSVS] Claim Details: Affected packages include chalk (300M weekly DLs), debug (358M), ansi-styles (371M), and others like error-ex. 🧵👇

🚨 THC Labz Security Alert: Massive NPM Supply Chain Attack. Ledger CTO has revealed a compromise of NPM maintainer qix-'s account, infecting 18 packages with over 2B weekly downloads. Malware targets crypto transactions by swapping addresses silently. 🧵👇

boom, nice thing to wake up to today. If you aren't in @THC_Labz why not? This isn't even the main utility. I placed my bets on https://t.co/FdF1o8aQIN

Welcome to Mt. Growmore! @THC_Labz setting the Presidential standard for NFT Communities 🇺🇸

I just updated my NFT using https://t.co/4DOVgDU7vt @THC_Labz added a nice little flag bg. :)

Gm CT ☕️! Happy Sunday from this side of the world 🌎 I wish you all a lovely day ahead! Don't forget to water your plants...