- Buy Crypto
- Markets
Futures- Spot
- Copy Trade
- Earn
- More
Security Advisory: Another well-known developer's NPM account has been compromised, injecting wallet-stealing malware
By: theblockbeats.news|2025/09/10 00:02:41
0
Share
BlockBeats News, September 9th. According to Socket monitoring, the ongoing NPM supply chain attack has spread from the well-known developer Qix to another highly prominent maintainer. The NPM account duckdb_admin, responsible for the DuckDB-related package, has been compromised, and multiple malicious versions have been published. The injected code is the same wallet-stealing malware used when Qix's account was compromised, strongly indicating that both are part of the same attack campaign.
Previously reported, Ledger's CTO stated that in the event of a large-scale supply chain attack, the entire JavaScript ecosystem could be at risk. However, the NPM attackers were not successful, and there were almost no victims.
You may also like
Dune Stablecoin Research: The Flow and Demand of a $300 Billion Market
In the dataset, transfers are no longer simply labeled as pure "transaction volume," but are classified as different on-chain activities. This is the difference between "just knowing that $100 trillion has been transferred" and "understanding why it was transferred."
Stripe Annual Letter: New cognitive density is extremely high, especially the 5-level model of "AI + Payments"
Every trend here is affecting everyone's future survival.
Sam Altman's Twenty-Four Hours: The Pentagon said "no" twice, but only one was serious
In Silicon Valley, Altman's sub-12-hour move has a name. It's not called backstabbing, it's called timing.
The US-Iran Conflict Spreads to the Crypto Space: What to Expect in the Market on Monday
The most important industry in the crypto world, only 300 kilometers away from the missile's impact point
Lily Liu, the chair of the Solana Foundation, shouted "Don't waste time on crypto," is the crypto industry really dead?
The interest of the younger generation is shifting from cryptocurrency to the field of artificial intelligence, which coincides with the current phenomenon in the cryptocurrency industry.
The little deer live by the water and grass
Mining companies have never been the most devout believers in Bitcoin. Under the pressures of halving compressing profits, financial reports showing revenue growth without profit increase, and coin prices falling below mining costs, the industry is collectively de-risking.
The world belongs to Chinese people who speak English
The world is vast, and only playing half of it is truly a loss.
Why Stop at 126K? Michael Saylor Breaks Down BTC Stagnation and Retail Absence Truth
Bitcoin is digital capital, and I will spend a thousand hours explaining it to you. Eventually, you will understand, but you will still have to endure a 45% crash.
Virtuals Protocol's inaugural Titan project: ROBO aims to give a wallet to a robot
This is a key step in Virtuals expanding the Agent Economy into the Embodied AI and Robotics field.
Stablecoin Latest Report: Actual Distribution and Circulation Much More Notable Than Supply
The Truth about Stablecoin Circulation Speed, Concentration, and Structure After Doubling the Supply
Paradigm's New Arithmetic: When Crypto Can't Hold 12.7 Billion, AI Becomes the Answer
It took Paradigm three years to emerge from the ruins of FTX.
Wintermute Founder: In the Lost Cryptocurrency Market, What Can We Still Do?
This is more like a manifesto, discussing "the very reason we are here."
$1.3 Billion Debt: BitDeer Faces Tough Battle
Wu Jihan is waiting for AI's money to catch up with the speed of debt.
Anthropic's IPO Gamble: At the Most Unlikely Moment, It Chose to Say No
In the AI Era, what is the most valuable thing?
Paradigm's Math Problem: $12.7 Billion, Too Big for a Single Crypto Fund
Emerging from the ruins of FTX, Paradigm took three years
Ethereum Unveils Scaling Roadmap, What's Different This Time?
Short-term improvements to execution efficiency through the Gas mechanism optimization and block validation parallelization, and long-term scalability through ZK-EVM and blobs data architecture.
Anthropic Ban Wave, OpenAI $100 Billion Funding Controversy: What Is the Overseas Crypto Community Talking About Today?
What Have Foreigners Been Most Interested in Over the Last 24 Hours?
Morning News | OpenAI receives $110 billion investment; Solana launches Solana Payments; M0, MoonPay, and PayPal jointly launch PYUSDx
Overview of Important Market Events on February 27
Dune Stablecoin Research: The Flow and Demand of a $300 Billion Market
In the dataset, transfers are no longer simply labeled as pure "transaction volume," but are classified as different on-chain activities. This is the difference between "just knowing that $100 trillion has been transferred" and "understanding why it was transferred."
Stripe Annual Letter: New cognitive density is extremely high, especially the 5-level model of "AI + Payments"
Every trend here is affecting everyone's future survival.
Sam Altman's Twenty-Four Hours: The Pentagon said "no" twice, but only one was serious
In Silicon Valley, Altman's sub-12-hour move has a name. It's not called backstabbing, it's called timing.
The US-Iran Conflict Spreads to the Crypto Space: What to Expect in the Market on Monday
The most important industry in the crypto world, only 300 kilometers away from the missile's impact point
Lily Liu, the chair of the Solana Foundation, shouted "Don't waste time on crypto," is the crypto industry really dead?
The interest of the younger generation is shifting from cryptocurrency to the field of artificial intelligence, which coincides with the current phenomenon in the cryptocurrency industry.
The little deer live by the water and grass
Mining companies have never been the most devout believers in Bitcoin. Under the pressures of halving compressing profits, financial reports showing revenue growth without profit increase, and coin prices falling below mining costs, the industry is collectively de-risking.
App