PANews reported on September 9th that SlowMist Technology's Chief Information Security Officer, 23pds, posted on the X platform that the DuckDB NPM account had been compromised. Early this morning, malicious versions of duckdb and duckdb-wasm were released. These malware are consistent with the wallet-stealing malware seen in yesterday's supply chain attack. Be mindful of potential risks.
SlowMist: DuckDB NPM account compromised, please be aware of risk prevention
Share to:
Author: PA一线
This content is for informational purposes only and does not constitute investment advice.
Follow PANews official accounts, navigate bull and bear markets together
Recommended Reading
慢雾科技2025-09-08 11:00
PA一线2025-09-08 10:32
Ethereum's turbulent decade
Ten years have passed since the creation of Ethereum. Where is the "world computer" headed? This special feature will feature selected articles reviewing Ethereum's turbulent decade of rise, challenges, and breakthroughs.
PAData: Web3 in Data
Data analysis and visual communication of industry hot spots help users understand the meaning and opportunities behind each data.
Pioneer's View: Crypto Celebrity Interviews
Exclusive interviews with crypto celebrities, sharing unique observations and insights
AI Agent: The Journey to Web3 Intelligence
The AI Agen innovation wave is sweeping the world. How will it take root in Web3? Let’s embark on this intelligent journey together
Memecoin Supercycle: The hype around attention tokenization
From joke culture to the trillion-dollar race, Memecoin has become an integral part of the crypto market. In this Memecoin super cycle, how can we seize the opportunity?
Real-time tracking of Bybit attack
Bybit suffered a security incident, and funds worth $1.44 billion were withdrawn. A North Korean hacker group was accused of being the perpetrator.