PANews reported on September 10th that DuckDB's official Twitter account announced that its Node.js and Wasm packages were infected with malware in a recent npm supply chain attack. Officials have investigated and deprecated the affected versions, while also releasing new ones. DuckDB stated that according to npm data, no users have downloaded the affected packages. The team has issued a security advisory detailing the post-incident analysis and response measures.
DuckDB confirms its Node.js and Wasm packages were targeted by an npm supply chain attack
Share to:
Author: PA一线
This content is for informational purposes only and does not constitute investment advice.
Follow PANews official accounts, navigate bull and bear markets together
Recommended Reading
PA一线2025-09-09 23:31PA一线2025-09-09 23:18
A complete review of the 1011 encryption storm
An in-depth review of the epic liquidation events of October 11: from the Trump tariff black swan event to high-leverage margin calls, stablecoin depegging, and market maker liquidity depletion.
PAData: Web3 in Data
Data analysis and visual communication of industry hot spots help users understand the meaning and opportunities behind each data.
Pioneer's View: Crypto Celebrity Interviews
Exclusive interviews with crypto celebrities, sharing unique observations and insights
AI Agent: The Journey to Web3 Intelligence
The AI Agen innovation wave is sweeping the world. How will it take root in Web3? Let’s embark on this intelligent journey together
Memecoin Supercycle: The hype around attention tokenization
From joke culture to the trillion-dollar race, Memecoin has become an integral part of the crypto market. In this Memecoin super cycle, how can we seize the opportunity?
Real-time tracking of Bybit attack
Bybit suffered a security incident, and funds worth $1.44 billion were withdrawn. A North Korean hacker group was accused of being the perpetrator.