npm debug / chalk Supply Chain Attack (September 2025)
Summary
On September 8, 2025, attackers compromised the npm account of open-source maintainer Josh Junon (alias 'qix') through a phishing campaign using the spoofed domain npmjs.help, then published malicious versions of 18 foundational JavaScript packages — including chalk (~300M weekly downloads) and debug (~357M) — that collectively exceeded 2 billion weekly downloads. The injected payload functioned as a browser-side wallet-draining cryptostealer, silently intercepting and rewriting cryptocurrency transaction destinations before signing. The malicious versions were available for approximately 7 hours before full removal; a second wave on September 9 targeted DuckDB npm accounts through the same phishing infrastructure.
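The check a downstream consumer wants after an incident like this is a lockfile scan: did any build resolve one of the compromised name@version pairs, including as a transitive dependency? The following is an added example written for this page, not code from the original page, from npm or from the affected projects. Its blocklist contains only the DuckDB versions this page names in the timeline (duckdb 1.3.3, @duckdb/duckdb-wasm 1.29.2, @duckdb/node-api 1.3.3, @duckdb/node-bindings 1.3.3); the compromised chalk/debug versions are not listed on this page and are left for the reader to add from the relevant advisory. The two lockfiles it scans are constructed samples, and `some-tool` is a hypothetical package used only to show nested resolution.

```javascript
// Added example, not from the original page: scan an npm package-lock.json
// (lockfile v1, v2 or v3) for known-compromised name@version pairs.
// Blocklist: only the DuckDB versions named in this page's timeline.
// Other entries (e.g. chalk/debug) must be added from the published advisory.
const COMPROMISED = new Map([
  ["duckdb", new Set(["1.3.3"])],
  ["@duckdb/duckdb-wasm", new Set(["1.29.2"])],
  ["@duckdb/node-api", new Set(["1.3.3"])],
  ["@duckdb/node-bindings", new Set(["1.3.3"])],
]);

// Lockfile v2/v3 keys are install paths such as
// "node_modules/a/node_modules/@scope/b"; the package name is the part after
// the last "node_modules/", which keeps scoped names intact.
function nameFromPath(p) {
  const marker = "node_modules/";
  const idx = p.lastIndexOf(marker);
  return idx === -1 ? p : p.slice(idx + marker.length);
}

// Lockfile v1 nests transitive dependencies under each entry's "dependencies".
function* walkV1(deps, pathPrefix = "") {
  for (const [name, info] of Object.entries(deps || {})) {
    const where = pathPrefix ? `${pathPrefix} > ${name}` : name;
    yield { name, version: info.version, where };
    if (info.dependencies) yield* walkV1(info.dependencies, where);
  }
}

// Yield every installed {name, version, where} regardless of lockfile version.
function* walkLockfile(lock) {
  if (lock.packages) {
    for (const [p, info] of Object.entries(lock.packages)) {
      if (p === "") continue; // the root project entry, not a dependency
      // Aliased installs carry an explicit "name"; otherwise derive it from the path.
      yield { name: info.name || nameFromPath(p), version: info.version, where: p };
    }
  } else if (lock.dependencies) {
    yield* walkV1(lock.dependencies);
  }
}

// Return every resolved package whose name@version is on the blocklist.
function findCompromised(lockJson, blocklist = COMPROMISED) {
  const lock = typeof lockJson === "string" ? JSON.parse(lockJson) : lockJson;
  const hits = [];
  for (const entry of walkLockfile(lock)) {
    const badVersions = blocklist.get(entry.name);
    if (badVersions && badVersions.has(entry.version)) hits.push(entry);
  }
  return hits;
}

// Human-readable report, one line per hit.
function formatReport(hits) {
  if (hits.length === 0) return "no compromised versions resolved";
  return hits.map((h) => `${h.name}@${h.version} at ${h.where}`).join("\n");
}

// Constructed sample: lockfile v3 with a direct hit and a nested hit.
// "some-tool" is a hypothetical parent package; chalk 5.3.0 is a non-listed version.
const SAMPLE_LOCK = JSON.stringify({
  name: "example-app",
  lockfileVersion: 3,
  packages: {
    "": { name: "example-app", version: "1.0.0" },
    "node_modules/chalk": { version: "5.3.0" },
    "node_modules/duckdb": { version: "1.3.3" },
    "node_modules/some-tool": { version: "2.0.0" },
    "node_modules/some-tool/node_modules/@duckdb/node-api": { version: "1.3.3" },
  },
});

// Constructed sample: lockfile v1 with the nested "dependencies" layout.
const SAMPLE_LOCK_V1 = JSON.stringify({
  lockfileVersion: 1,
  dependencies: {
    "@duckdb/duckdb-wasm": { version: "1.29.2" },
    duckdb: { version: "1.3.2" },
    "some-tool": {
      version: "2.0.0",
      dependencies: { "@duckdb/node-bindings": { version: "1.3.3" } },
    },
  },
});
```

To run it against a real project, read `package-lock.json` from disk and pass the string to `findCompromised`; `formatReport` prints each hit with its install path so a nested copy pulled in by another package is as visible as a direct dependency. The scan only covers versions that actually resolved into the lockfile, so it must be run on every lockfile that a CI or hosting build used during the exposure window, not just the one currently checked in.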
Timeline (12 events)
2025-09-05
Attackers register phishing domain npmjs.help, designed as a pixel-perfect replica of the npmjs.com website.
Source: Sygnia Threat Report

2025-09-08
13:00 UTC: Phishing email sent to chalk maintainer Josh Junon (qix) impersonating npm security personnel, claiming a 2FA compliance requirement with a 48-hour lockout deadline.
Source: Sygnia Threat Report

13:16 UTC: First malicious package version published to npm, approximately 16 minutes after the AiTM phishing attack captured the maintainer's credentials and live 2FA token.
Source: Sygnia Threat Report

Attacker publishes malicious versions of 18 npm packages including chalk, debug, ansi-styles, supports-color, strip-ansi, and 13 other foundational JavaScript utilities, injecting a browser-side cryptocurrency wallet-draining payload.
Source: The Hacker News

14:16 UTC: Community member raises suspicions on Bluesky; user 'informatic' identifies that the malicious npm versions are absent from the GitHub repository. Aikido Security credited for early detection.
Source: Sygnia Threat Report

15:15 UTC: Maintainer Josh Junon publicly acknowledges the account breach.
Source: Sygnia Threat Report

17:17 UTC: npm confirms the breach and initiates formal takedown of the malicious package versions.
Source: Sygnia Threat Report

17:39 UTC: Vercel activates incident response and identifies 70 Vercel teams with builds containing compromised package versions across 76 unique projects.
Source: Vercel Blog

19:59 UTC: All impacted first-wave package versions removed from the npm registry, approximately 7 hours after the initial account compromise.
Source: Sygnia Threat Report

22:19 UTC: Vercel completes the purge of build caches for all 76 affected projects and issues customer notifications.
Source: Vercel Blog

2025-09-09
~01:11-01:13 UTC: Second wave begins. The duckdb_admin npm account is compromised via the same npmjs.help phishing infrastructure. Malicious versions of duckdb (1.3.3), @duckdb/duckdb-wasm (1.29.2), @duckdb/node-api (1.3.3), and @duckdb/node-bindings (1.3.3) are published, containing identical wallet-drainer malware. Prebid and @coveops/abi also affected.
Source: Socket.dev

DuckDB maintainers confirm compromise via the same phishing email used in the September 8 attack. GitHub security advisory GHSA-w62p-hx95-gf2c published for the affected DuckDB packages.
Source: DuckDB GitHub Security Advisory

Decision Log
- hash: BQsCak1BPxDzm6PDCyr6KLYDgQR1Dv2YE8qhvQnhgFdA
This investigation is cryptographically anchored to the Solana blockchain and source URLs are archived via the Internet Archive.
model: claude-sonnet-4-6
generated: 6/20/2026, 12:11:26 PM
last updated: 6/20/2026, 12:11:35 PM
avoid.net — verified advice for a post-truth world