.svg){kind=logo}
For more information, please visit our blog: NPM Supply Chain Attack: Sophisticated Multi-Chain Cryptocurrency Drainer Infiltrates Popular Packages
Customer Reference Sheet:
|
Package Name |
Package Version(s) |
MSC |
|---|---|---|
|
0.2.1 |
MSC-2025-7955 |
|
|
1.1.1 |
MSC-2025-7876 |
|
|
4.1.1 |
MSC-2025-7872 |
|
|
6.0.1 |
MSC-2025-7873 |
|
|
0.2.3 |
MSC-2025-7886 |
|
|
2.1.1 |
MSC-2025-7875 |
|
|
1.3.3 |
MSC-2025-7881 |
|
|
2.0.1 |
MSC-2025-7882 |
|
|
0.3.3 |
MSC-2025-7953 |
|
|
7.1.1 |
MSC-2025-7874 |
|
|
3.1.1 |
MSC-2025-7954 |
|
|
9.0.1 |
MSC-2025-7877 |
|
|
6.2.1 |
MSC-2025-7880 |
|
|
10.2.1 |
MSC-2025-7879 |
|
|
7.1.1 |
MSC-2025-7878 |
|
|
5.6.1 |
MSC-2025-7884 |
|
|
4.4.2 |
MSC-2025-7887 |
|
|
6.2.2 |
MSC-2025-7871 |
|
|
proto-tinker-wc |
0.1.87 |
MSC-2025-7883 |
|
prebid-universal-creative |
1.17.3 |
MSC-2025-7890 |
|
duckdb |
1.3.3 |
MSC-2025-7949 |
|
@duckdb/node-api |
1.3.3 |
MSC-2025-7888 |
|
@duckdb/node-bindings |
1.3.3 |
MSC-2025-7889 |
|
@duckdb/duckdb-wasm |
1.29.2 |
MSC-2025-7930 |
|
prebid.js |
10.9.2 |
MSC-2025-7950 |
|
prebid |
10.9.1 |
MSC-2025-7951 |
|
prebid |
10.9.2 |
MSC-2025-7952 |
|
@coveops/abi |
2.0.1 |
MSC-2025-7948 |