DuckDB: In recent NPM supply chain attack Node, WASM packages were compromised | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		DuckDB: In recent NPM supply chain attack Node, WASM packages were compromised (twitter.com/duckdb)
		3 points by tosh 2 days ago \| hide \| past \| favorite \| 1 comment

tosh 2 days ago [–]

DuckDB NPM packages 1.3.3 and 1.29.2 compromised with malware:

https://github.com/duckdb/duckdb-node/security/advisories/GH...

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact