- Buy Crypto
- Markets
Futures- Spot
- Copy Trade
- Earn
- More
Security Advisory: Another well-known developer's NPM account has been compromised, injecting wallet-stealing malware
By: theblockbeats.news|2025/09/10 00:02:41
0
Share
BlockBeats News, September 9th. According to Socket monitoring, the ongoing NPM supply chain attack has spread from the well-known developer Qix to another highly prominent maintainer. The NPM account duckdb_admin, responsible for the DuckDB-related package, has been compromised, and multiple malicious versions have been published. The injected code is the same wallet-stealing malware used when Qix's account was compromised, strongly indicating that both are part of the same attack campaign.
Previously reported, Ledger's CTO stated that in the event of a large-scale supply chain attack, the entire JavaScript ecosystem could be at risk. However, the NPM attackers were not successful, and there were almost no victims.
You may also like
SBF's little brother turned 225 million into 5.5 billion in one year
Let’s meet the 24-year-old new "stock god" of AI.
In a World of Disruption, How Can Humanities Workers Better Use AI?
This AI in Practice experience is not about teaching you a few magical keywords to memorize; it's more like a methodology.
Anthropic Open Letter: The Hypocritical Sam Altman, PUA Master
OpenAI's extensive PR rhetoric with the Department of War on these issues is either lying or deliberately creating confusion. These facts reveal a pattern of behavior, a pattern I have seen many times in Sam Altman, and I hope everyone can recognize it
On the same day that Kraken's Fedmaster Account was approved, the banking lobbying group immediately launched a counterattack.
Banking Lobby Group Slams Kraken's Approval for "Limited Purpose" Fed Master Account.
Bitwise: This weekend's attack accelerated the on-chain migration of the financial world
The never-ending market has become a global obsession.
Market Downturn: Which Assets Are Worth Watching?
"Whether it can bring benefits to the holder" is one of the key reference indicators.
The real opportunity of stablecoins is not to kill Visa
In the new merchant ecosystem born in the AI era, stablecoins will become the first widely adopted payment infrastructure.
Trump's AI Farce: Insult if You Don't Pay
Dario's all-hands email is full of ad hominem attacks
US & Canada Crypto Tax Season 2026: Official Tax Reporting Support from WEEX × KoinX
Prepare for US & Canada crypto tax season 2026. Learn how to export your WEEX transaction history and access official reporting support through our partnership with KoinX.
Conversation between Tom Lee and "The Big Short" Author: AI has detected bubble signal, crypto correction due to gold liquidity being "siphoned off"
A real bubble occurs when everyone is absolutely certain that "this is definitely not a bubble."
The true reason for Claude's ban, Kraken accessing the Federal Reserve payment system, What is the English community paying attention to?
What Was Trending in the Last 24 Hours?
「Buying the Dip」 of 400,000 BTC: Is $74,000 a Rebound or a Reversal?
BTC price hits a new monthly high.
OpenClaw, Another Batch of Middle Class Jobless
Time will not wait for anyone.
Morning News | Backpack will launch on-chain IPO subscription service; Predict.fun strategically acquires on-chain prediction platform Probable; SoFi partners with Mastercard for strategic cooperation
March 4 Market Important Events Overview
Inventorying the Washington power in the crypto space, who is speaking out for U.S. crypto legislation?
From ideology to ecological initiatives, the lobbying power of American cryptocurrency is undergoing a comprehensive evolution, ushering in a new era of specialized and refined policy games.
650 million dollars, 1.5 billion dollars, 2 billion dollars, the crypto VC landscape has changed!
Homogenized industries are ultimately fragile; only when different species can emerge does the market truly come alive.
Why prediction markets are the largest untapped collateral pool in DeFi
From "gambling" to "financable assets": prediction markets are becoming the next hundred billion collateral pool in DeFi, opening new frontiers of capital efficiency.
500% XAUT Staking, Zero-Fee Gold Futures and $100K Rewards: Why Traders Are Turning to WEEX for Tokenized Gold
Explore WEEX's $100,000+ gold campaign featuring 500% XAUT staking, zero-fee gold contracts, and $30,000 PAXG rewards. Trade tokenized gold today.
SBF's little brother turned 225 million into 5.5 billion in one year
Let’s meet the 24-year-old new "stock god" of AI.
In a World of Disruption, How Can Humanities Workers Better Use AI?
This AI in Practice experience is not about teaching you a few magical keywords to memorize; it's more like a methodology.
Anthropic Open Letter: The Hypocritical Sam Altman, PUA Master
OpenAI's extensive PR rhetoric with the Department of War on these issues is either lying or deliberately creating confusion. These facts reveal a pattern of behavior, a pattern I have seen many times in Sam Altman, and I hope everyone can recognize it
On the same day that Kraken's Fedmaster Account was approved, the banking lobbying group immediately launched a counterattack.
Banking Lobby Group Slams Kraken's Approval for "Limited Purpose" Fed Master Account.
Bitwise: This weekend's attack accelerated the on-chain migration of the financial world
The never-ending market has become a global obsession.
Market Downturn: Which Assets Are Worth Watching?
"Whether it can bring benefits to the holder" is one of the key reference indicators.
App