Scan to download
Home Flash
Calendar
HK Web3 Feastival
BTC $74,687.38 -0.55%
ETH $2,323.30 -1.54%
BNB $627.88 +0.50%
XRP $1.43 +1.60%
SOL $87.65 +2.61%
TRX $0.3252 -0.19%
DOGE $0.0969 +0.39%
ADA $0.2530 +1.23%
BCH $448.30 +1.08%
LINK $9.36 +0.32%
HYPE $43.44 -4.49%
AAVE $111.88 +4.87%
SUI $0.9780 +0.97%
XLM $0.1650 +3.17%
ZEC $331.70 -2.95%
BTC $74,687.38 -0.55%
ETH $2,323.30 -1.54%
BNB $627.88 +0.50%
XRP $1.43 +1.60%
SOL $87.65 +2.61%
TRX $0.3252 -0.19%
DOGE $0.0969 +0.39%
ADA $0.2530 +1.23%
BCH $448.30 +1.08%
LINK $9.36 +0.32%
HYPE $43.44 -4.49%
AAVE $111.88 +4.87%
SUI $0.9780 +0.97%
XLM $0.1650 +3.17%
ZEC $331.70 -2.95%
Home
Article
Flash
Specials
Columns
Knowledge Base
Calendar
Markets
Charts
Activity
Tools

DuckDB confirms its Node.js and Wasm packages were attacked in the npm supply chain

2025-09-10 07:37:51
Collection

ChainCatcher news, DuckDB's official Twitter account stated that the DuckDB Node.js and Wasm packages were compromised with malware in a recent npm supply chain attack. The official team has investigated and deprecated the affected versions, while releasing new versions. DuckDB stated that, according to npm data, no users have downloaded the affected packages. The team has released a security announcement detailing the post-analysis and response measures.

(Source Link)
warnning Risk warning
Related tags
DuckDB npm malware
Related reading
The Axios library was attacked through a supply chain, with hackers using stolen npm tokens to implant a remote trojan, affecting about 80% of cloud environments
2026-04-02 13:13
Malware GhostClaw steals developers' encrypted wallet data through npm packages
2026-03-23 09:24
Hackers forged Google Play Store pages to carry out cryptocurrency mining and wallet hijacking attacks targeting Brazilian users
2026-03-22 18:49
Slow Fog CISO: Beware of the malicious npm package "@openclaw-ai/openclawai," which steals cryptocurrency wallet private keys and system credentials
2026-03-10 11:55
Related tags
DuckDB npm malware
Copyright © 2023
About Us
Media Kit
Apply column
Privacy Policy
Risk Warning
Hiring
Qiong ICP No. 2021009392
Qiong ICP No. 2021009392
app_icon
ChainCatcher Building the Web3 world with innovations.