Swathes of crypto users could be at risk of having their funds stolen following the discovery of compromised JavaScript code packages, Ledger CTO Charles Guillemet warned Monday.

NPM is a prominent package manager for JavaScript, and Guillemet said on X that the entire programming language’s ecosystem could be vulnerable after a reputable developer’s account was compromised, potentially spreading a malicious payload to various websites.

“The malicious payload works by silently swapping crypto addresses on the fly to steal funds,” he said, adding that compromised packages have been downloaded more than 1 billion times. Guillemet added that funds on “potentially all chains” could be vulnerable to the exploit.

🚨 There’s a large-scale supply chain attack in progress: the NPM account of a reputable developer has been compromised. The affected packages have already been downloaded over 1 billion times, meaning the entire JavaScript ecosystem may be at risk.

The malicious payload works…

— Charles Guillemet (@P3b7_) September 8, 2025

“I would strongly recommend not signing any crypto transactions right now,” software developer Cygaar meanwhile warned, noting that “various crypto websites” could be vulnerable.

Blockchain security firm Blockaid said on X that the compromise impacts around two dozen popular packages, such as “color-name” and “color-string.” NPM hosts packages of reusable code that users can integrate into their projects, which are written by others.

“It changes the destination address of transactions and approvals to be the attacker’s addresses rather than the address you’re actually trying to interact with,” Cygaar explained.



NPM later appeared to disable the compromised packages, Cygaar added. However, he encouraged developers to still check their dependencies, noting that they could’ve downloaded a compromised package before the change was made.

The sentiment was echoed by the author of a post that Guillemet linked to on X, which stated that they are “actively working with the NPM security team to resolve the issue” and that the malicious code had been removed from most of the affected webpages.

The author said that the NPM account impacted was called “qix,” and the malicious patch impacted “some of the most fundamental utilities in JavaScript” that are used as building blocks for countless projects.

Spectators noted that the malicious payload could replace cryptocurrency addresses, but users would still need to manually approve a transaction before funds could be sent—a window for users to recognize that their funds were heading in the wrong location.

The situation highlights how the crypto industry, in some ways, is still vulnerable to dependencies from the Web2 world and other forms of open-source software, Loopscale co-founder and COO Mary Gooneratne told Decrypt.

The compromised packages were only live for a few hours, but “it’s [still] pretty scary,” she said, noting that there are measures to prevent NPM packages from automatically upgrading. 

“It’s a good lesson for the ecosystem,” she said. “I think this was a good opportunity for everyone to make sure everything is cleaned up.”

Gooneratne said Loopscale, a lending protocol on Solana, wasn’t compromised. And self-custodial wallet Phantom was among other projects on Monday that said it wasn’t affected by the supply-chain attack.

I would strongly recommend not signing any crypto transactions right now.

There is a huge supply chain attack on popular NPM packages that may have compromised various crypto websites (frontend, not the actual contracts).

It changes the destination address of transactions and…

— cygaar (@0xCygaar) September 8, 2025

On Github, the individual tied to the compromised NPM account said they had gotten in contact with NPM and that the firm was working on removing the compromised packages. They said they fell victim to an email for resetting an account’s two-factor authentication.

“Yes, I’ve been pwned,” they wrote. “Sincerely sorry, this is embarrassing.”

Decrypt has reached out to NPM for comment but did not immediately receive a response.

Editor’s note: This story is breaking and will be updated with additional context.

Daily Debrief Newsletter

Start every day with the top news stories right now, plus original features, a podcast, videos and more.