A security breach involving the 1inch web application has compromised user wallets, as attackers injected malicious code to connect users to a crypto-drainer. 1inch has committed to reimbursing affected users. The breach is linked to a recent update of the Lottie Player npm package, which has been identified as part of a broader supply chain attack. Users of decentralized applications (dApps) like 1inch and others are advised to revoke token approvals and transfer any affected tokens to new wallets to mitigate risks. Additionally, significant transactions involving approximately $9.5 million worth of Ethereum (ETH) have been flagged, originating from addresses connected to the recent security incidents. Users are urged to remain vigilant and follow security measures to protect their assets.