On September 8, several popular npm packages were compromised after a successful phishing attack on a maintainer account. Among the affected libraries are Chalk and Debug, which together account for billions of weekly downloads.
The incident is considered one of the most serious supply chain attacks in the history of npm. In total, packages representing more than 2 billion weekly downloads were affected. Researchers say this is likely the largest supply chain attack ever within the open-source ecosystem.
The attack began when the developer with the username qix fell victim to a phishing email sent from a domain that closely resembled the official npm domain. This gave the attacker access to the account, who then published new versions of a total of eighteen packages.
These versions contained malicious code targeting crypto wallets in browser environments. As soon as the code detects that an application is running with window.ethereum, it intercepts the interaction with the wallet and can redirect transactions or approvals to addresses controlled by the attacker.
The impact of the attack is significant. Chalk and Debug are used in countless frameworks and libraries, indirectly affecting projects that did not consciously install these packages. Projects that automatically retrieve the latest versions are at the greatest risk. Within an hour of discovery, the malicious versions were partially removed from the npm registry, but by that time, thousands of installations may already have been infected.
Detection rules and tooling available
Security companies such as Aikido, Endor Labs, and Semgrep immediately made detection rules and tooling available to track down infected versions. Developers are strongly advised to downgrade to versions published before September 8, 2025, completely remove lockfiles and reinstall dependencies, scan their codebases with Software Composition Analysis tools or npm audit, and further secure npm accounts with multi-factor authentication or hardware tokens to prevent similar attacks.
This incident once again highlights how vulnerable the software supply chain is. A single compromised account can lead to the global spread of malicious code. The attack on Chalk and Debug shows that it is not only obscure libraries that are targeted, but also the foundations on which countless projects and companies rely on a daily basis.