Summary
On September 8, 2025, a supply chain attack pushed malicious releases of roughly 20 popular npm packages (24 affected packages were known at the time of writing; see the list below). We received a question about Thunk.AI's exposure to this attack, so we wanted to give an update.
The short version: Thunk.AI was not affected. We pin explicit package versions and never use the `latest` tag or any other mechanism that would dynamically pull in new releases at install time. We also use GitHub. We have no direct dependency on any of the affected packages, but we do have transitive dependencies on 5 of the 24 known affected packages, all on older versions that predate the compromised releases.
For those interested, here are some more details.
The attacker phished Josh Junon (qix), maintainer of several widely used npm packages, using a fraudulent domain (npmjs.help) that mimicked the official npm registry; the compromised account was then used to publish the malicious releases listed below.
Attack Payload
The malicious code injected into these packages was a browser-side cryptocurrency drainer designed to steal digital assets by:
- Intercepting browser network traffic (fetch and XMLHttpRequest) and web3 API calls
- Hooking into `window.ethereum` to intercept calls to wallets such as MetaMask
- Silently rewriting the destination of outgoing cryptocurrency transactions to attacker-controlled addresses
The compromised versions were detected and pulled from npm within about two hours, but any install that resolved to them in that window received the payload.
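To make the second and third bullets concrete, here is an added example (written for this page; it is neither the real payload nor Thunk.AI's code). It simulates a MetaMask-like provider, a hook that shadows `window.ethereum.request` and swaps the `to` field of `eth_sendTransaction`, and a dApp-side integrity check that catches this particular form of tampering. The `window` object, the provider, and the `ATTACKER`/`MERCHANT` addresses are all constructed placeholders.

```javascript
// Added example, not the original payload and not Thunk.AI's code.
// All addresses are CONSTRUCTED placeholders (repeated hex digits).
const ATTACKER = "0x" + "a".repeat(40);
const MERCHANT = "0x" + "b".repeat(40);

// Stand-in for an injected wallet provider. A real provider returns a
// Promise; this one answers synchronously so the demo is easy to follow.
// It "signs" whatever it receives and records it, so we can see what the
// wallet actually saw versus what the dApp intended.
class FakeProvider {
  constructor() { this.seen = []; }
  request({ method, params }) {
    if (method === "eth_sendTransaction") {
      this.seen.push({ ...params[0] });
      return "0x" + "1".repeat(64); // fake transaction hash
    }
    throw new Error(`unsupported method ${method}`);
  }
}

// The technique described above, reduced to its core: shadow request()
// with a wrapper that rewrites the destination of outgoing transactions
// and forwards everything else untouched. Returns false if no provider
// is injected (the real payload simply had nothing to hook in that case).
function installDrainerHook(win, attacker) {
  const eth = win.ethereum;
  if (!eth) return false;
  const original = eth.request.bind(eth);
  eth.request = (args) => {
    if (args && args.method === "eth_sendTransaction" && Array.isArray(args.params)) {
      const tx = { ...args.params[0], to: attacker };
      return original({ ...args, params: [tx] });
    }
    return original(args);
  };
  return true;
}

// Honest dApp code: intends to pay `to`.
function sendPayment(win, to, valueWei) {
  return win.ethereum.request({ method: "eth_sendTransaction", params: [{ to, value: valueWei }] });
}

// Heuristic integrity check a dApp can run before prompting the wallet.
// A provider exposes request() on its prototype; an own property named
// request on the instance means something in the page replaced it. If a
// reference was captured before third-party bundles ran, compare against it.
// Returns the list of findings (empty means this check saw nothing).
function checkProviderIntegrity(win, trustedRequest) {
  const eth = win.ethereum;
  if (!eth) return ["no provider injected"];
  const findings = [];
  if (Object.prototype.hasOwnProperty.call(eth, "request")) {
    findings.push("request() shadowed by an own property on the provider");
  }
  if (trustedRequest && eth.request !== trustedRequest) {
    findings.push("request() differs from the reference captured at load");
  }
  return findings;
}

// Walk through both sides: one payment before the hook, one after.
function drainerDemo() {
  const win = { ethereum: new FakeProvider() }; // constructed stand-in for window
  const trusted = win.ethereum.request;          // captured before any bundle ran
  sendPayment(win, MERCHANT, "0x1");
  installDrainerHook(win, ATTACKER);
  sendPayment(win, MERCHANT, "0x2");             // dApp still says MERCHANT...
  return { seen: win.ethereum.seen, findings: checkProviderIntegrity(win, trusted) };
}

const result = drainerDemo();
console.log("wallet saw:", result.seen);         // second tx now goes to ATTACKER
console.log("integrity findings:", result.findings);
```

The check is deliberately a heuristic: code that already executes in the page can just as easily patch the prototype method or wrap the whole provider in a Proxy, so no in-page check is authoritative. The reliable controls are the ones in the summary above (never resolving to the compromised releases in the first place) and confirming the destination address on the wallet's own confirmation screen or hardware device rather than trusting what the page displays.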
Compromised Packages and Versions
These are malicious releases, not vulnerabilities in the packages' own code: only the exact versions listed carry the payload, and earlier versions are unaffected.
Primary Targets
- `chalk` - Terminal string styling - Compromised version: 5.6.1
- `debug` - Debugging utility - Compromised version: 4.4.2
- `ansi-styles` - ANSI escape codes for styling - Compromised version: 6.2.2
- `color-convert` - Color conversion utilities - Compromised version: 3.1.1
- `supports-color` - Detect terminal color support - Compromised version: 10.2.1
Additional Compromised Packages
- `color-name` - Compromised version: 2.0.1
- `strip-ansi` - Compromised version: 7.1.1
- `color` - Compromised version: 5.0.1
- `color-string` - Compromised version: 2.1.1
- `has-ansi` - Compromised version: 6.0.1
- `ansi-regex` - Compromised version: 6.2.1
- `backslash` - Compromised version: 0.2.1
- `wrap-ansi` - Compromised version: 9.0.1
- `is-arrayish` - Compromised version: 0.3.3
- `error-ex` - Compromised version: 1.3.3
- `slice-ansi` - Compromised version: 7.1.1
- `simple-swizzle` - Compromised version: 0.2.3
- `chalk-template` - Compromised version: 1.1.1
- `supports-hyperlinks` - Compromised version: 4.1.1
Later Identified Packages
- `duckdb` - Compromised version: 1.3.3
- `@duckdb/node-api` - Compromised version: 1.3.3
- `@duckdb/node-bindings` - Compromised version: 1.3.3
- `@duckdb/duckdb-wasm` - Compromised version: 1.29.2
- `proto-tinker-wc` - Compromised version: 0.1.87
Security Analysis
Versions of the affected packages that Thunk.AI resolves transitively, with the compromised version alongside for comparison. None of the resolved versions match a compromised release.
- chalk: 2.4.2, 3.0.0, 4.1.2, 5.3.0 (compromised version: 5.6.1)
- debug: 2.6.9, 3.2.7, 4.3.4, 4.4.0, 4.4.1 (compromised version: 4.4.2)
- ansi-styles: 3.2.1, 4.3.0, 5.2.0, 6.2.1 (compromised version: 6.2.2)
- color-convert: 1.9.3, 2.0.1 (compromised version: 3.1.1)
- supports-color: 5.5.0, 7.2.0, 8.1.1 (compromised version: 10.2.1)
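The comparison above is exactly what a lockfile audit computes. Here is an added example (written for this page, not Thunk.AI's tooling) that walks an npm lockfile in v1, v2 or v3 format, reports every resolved copy of an affected package, flags exact matches against the compromised versions listed on this page, and also flags `package.json` specifiers that could float to a new release at install time, which is the pinning practice described in the summary. The `SAMPLE_LOCK` and `SAMPLE_PKG` objects are constructed for the demo.

```javascript
// Added example, not Thunk.AI's code. Audits an npm lockfile (v1, v2 or v3)
// against the compromised releases listed on this page and flags dependency
// specifiers that float instead of pinning. Sample inputs are CONSTRUCTED.

// name -> compromised version(s), copied from the list on this page
const COMPROMISED = {
  "chalk": ["5.6.1"], "debug": ["4.4.2"], "ansi-styles": ["6.2.2"],
  "color-convert": ["3.1.1"], "supports-color": ["10.2.1"], "color-name": ["2.0.1"],
  "strip-ansi": ["7.1.1"], "color": ["5.0.1"], "color-string": ["2.1.1"],
  "has-ansi": ["6.0.1"], "ansi-regex": ["6.2.1"], "backslash": ["0.2.1"],
  "wrap-ansi": ["9.0.1"], "is-arrayish": ["0.3.3"], "error-ex": ["1.3.3"],
  "slice-ansi": ["7.1.1"], "simple-swizzle": ["0.2.3"], "chalk-template": ["1.1.1"],
  "supports-hyperlinks": ["4.1.1"], "duckdb": ["1.3.3"], "@duckdb/node-api": ["1.3.3"],
  "@duckdb/node-bindings": ["1.3.3"], "@duckdb/duckdb-wasm": ["1.29.2"],
  "proto-tinker-wc": ["0.1.87"],
};

// Package name at a lockfile v2/v3 "packages" key, e.g. "node_modules/chalk"
// or "node_modules/x/node_modules/@duckdb/node-api". The root key "" -> null.
function packageNameFromPath(lockPath) {
  const marker = "node_modules/";
  const i = lockPath.lastIndexOf(marker);
  return i === -1 ? null : lockPath.slice(i + marker.length);
}

// Lockfile v1 nests each dependency's own dependencies under it; walk recursively.
function* walkV1(deps, prefix) {
  for (const [name, entry] of Object.entries(deps || {})) {
    const path = `${prefix}node_modules/${name}`;
    yield { name, version: entry.version, path };
    yield* walkV1(entry.dependencies, `${path}/`);
  }
}

// Yield { name, version, path } for every resolved package, whatever the format.
function* walkLockfile(lock) {
  if (lock.packages) {                                  // lockfileVersion 2 or 3
    for (const [path, entry] of Object.entries(lock.packages)) {
      const name = packageNameFromPath(path);
      if (name && entry.version) yield { name, version: entry.version, path };
    }
  } else {                                              // lockfileVersion 1
    yield* walkV1(lock.dependencies, "");
  }
}

// hits: resolved copies that ARE a compromised release (with their lockfile path).
// present: every affected package that appears at all -> versions resolved
// (lexically sorted for display), so "we only use older versions" is checkable.
function auditLockfile(lock) {
  const hits = [];
  const present = {};
  for (const { name, version, path } of walkLockfile(lock)) {
    if (!(name in COMPROMISED)) continue;
    (present[name] ??= new Set()).add(version);
    if (COMPROMISED[name].includes(version)) hits.push({ name, version, path });
  }
  return { hits, present: Object.fromEntries(Object.entries(present).map(([n, v]) => [n, [...v].sort()])) };
}

// Specifiers that can resolve to a newer release on install: ranges (^, ~, >=),
// dist-tags such as "latest", wildcards, git/URL sources. Anything that is not
// an exact semver string is reported (conservative: aliases are flagged too).
function findUnpinned(pkg) {
  const exact = /^\d+\.\d+\.\d+(-[0-9A-Za-z.-]+)?(\+[0-9A-Za-z.-]+)?$/;
  const out = [];
  for (const field of ["dependencies", "devDependencies", "optionalDependencies"]) {
    for (const [name, spec] of Object.entries(pkg[field] || {})) {
      if (!exact.test(spec)) out.push({ field, name, spec });
    }
  }
  return out;
}

// CONSTRUCTED inputs: a v3 lockfile with one nested compromised copy of debug,
// and a package.json with one range and one dist-tag.
const SAMPLE_LOCK = {
  name: "demo-app", lockfileVersion: 3, packages: {
    "": { name: "demo-app", version: "1.0.0" },
    "node_modules/chalk": { version: "5.3.0" },
    "node_modules/debug": { version: "4.4.1" },
    "node_modules/some-cli/node_modules/debug": { version: "4.4.2" },
    "node_modules/@duckdb/node-api": { version: "1.3.2" },
    "node_modules/left-pad": { version: "1.3.0" },
  },
};
const SAMPLE_PKG = { dependencies: { chalk: "5.3.0", debug: "^4.4.0" }, devDependencies: { "some-cli": "latest" } };

function auditDemo() {
  const { hits, present } = auditLockfile(SAMPLE_LOCK);
  for (const h of hits) console.log(`COMPROMISED ${h.name}@${h.version} at ${h.path}`);
  console.log("affected packages present:", present);
  for (const u of findUnpinned(SAMPLE_PKG)) console.log(`unpinned ${u.field}.${u.name}: ${u.spec}`);
  return hits.length === 0;
}
auditDemo();
```

To run it against a real project, replace `SAMPLE_LOCK` with `JSON.parse(fs.readFileSync("package-lock.json"))`; note that nested copies (the `some-cli/node_modules/debug` case above) are exactly the ones `npm ls` shows as deduplicated and are easy to overlook when checking only top-level entries.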
Links
You can read more in the following articles.
- 20 Popular npm Packages With 2 Billion Weekly Downloads Compromised in Supply Chain Attack
- Dev caught in phishing net, 18 npm packages compromised (The Register)