4 matches found
Embedded Malicious Code
Overview @duckdb/node-bindings is a Node bindings to the DuckDB C API. Affected versions of this package are vulnerable to Embedded Malicious Code. This package version contains malicious code that monitors network traffic when run in a browser and targets crypto transactions. The injected...
Malicious code in @duckdb/node-bindings (npm)
The DuckDB Node.js package @duckdb/node-bindings version 1.3.3 was compromised with malware through a sophisticated phishing attack targeting the DuckDB maintainers. An attacker created a pixel-perfect copy of the npmjs.com website at npmjs.help domain and tricked a maintainer into logging in and...
MAL-2025-46993 Malicious code in @duckdb/node-bindings (npm)
The DuckDB Node.js package @duckdb/node-bindings version 1.3.3 was compromised with malware through a sophisticated phishing attack targeting the DuckDB maintainers. An attacker created a pixel-perfect copy of the npmjs.com website at npmjs.help domain and tricked a maintainer into logging in and...
Embedded Malicious Code
Overview @duckdb/node-bindings is a Node bindings to the DuckDB C API. Affected versions of this package are vulnerable to Embedded Malicious Code. This package version contains malicious code that monitors network traffic when run in a browser and targets crypto transactions. The injected...