According to PANews, SlowMist Technology's Chief Information Security Officer, 23pds, announced on the X platform that the DuckDB NPM account has been compromised. Early this morning, malicious versions such as duckdb and duckdb-wasm were released. These malicious software versions align with the wallet-stealing malware identified in yesterday's supply chain attack. Users are advised to exercise caution and implement risk prevention measures.