Share

Scan with WeChat

Slow Fog: DuckDB NPM account compromised, be aware of risk prevention

2025-09-09 23:20:01

Collection

ChainCatcher message, Slow Mist Technology's Chief Information Security Officer 23 pds posted on X platform that the DuckDB NPM account was compromised, and malicious versions such as duckdb, duckdb-wasm, etc. were released. These malware are consistent with wallet-stealing malware seen in supply chain attacks. Please be aware of risk prevention.

warnning

Risk warning

Related tags

Slow Fog Technology DuckDB Supply Chain Attack

Related reading

AI data company Mercor confirmed it has suffered a significant data breach involving clients such as OpenAI and Anthropic

2026-04-03 14:20

Warning, version 1.14.1 of the npm core package axios is experiencing an active supply chain attack

2026-03-31 13:04

Apifox desktop client suffers from a supply chain attack, malicious code can steal credentials and execute commands remotely

2026-03-26 13:10

Slow Fog: LiteLLM vulnerability attackers have stolen approximately 300GB of data and compromised about 500,000 credentials

2026-03-25 10:34

Related tags

Slow Fog Technology DuckDB Supply Chain Attack

app_icon

ChainCatcher Building the Web3 world with innovations.