Alchemy Security Update: NPM Supply Chain Attack

September 8, 2025

## :weewoo: Heads up Alchemy @Builder ! SECURITY ALERT
Following reports of the NPM supply chain attack involving malicious code discovered in popular open source packages, we conducted a full review of our codebases.

Our findings:
- None of the vulnerable packages are running in production
- None of the vulnerable packages at issue were ever installed on Alchemy systems
- None of Alchemy's open source packages depend on the vulnerable packages

Alchemy’s Smart Wallets are safe to continue using.

We'll continue monitoring closely and share updates if anything changes.

💙 The Alchemy Team
https://x.com/Alchemy/status/1965194621761601968

🚨SECURITY ALERT: Following reports of the NPM supply chain attack involving malicious code discovered in popular open source packages, we conducted a full review of our codebases.

Our findings:
- None of the vulnerable packages are running in production
- None of the vulnerable
X

Previous Update

Next Update

Alchemy Security Update: NPM Supply Chain Attack

The latest from Alchemy Builders

Help Center

Docs

Discord

Telegram DM 👑

Premium Feature

Unlock Premium Support

What's New

UPCOMING FEATURE

Recent Updates

Join the Hype Engine Waitlist

Upcoming: Hype Engine V2

Upcoming: Role Analytics

Recent Updates

Join Spark Tickets Waitlist

Join X Integration Waitlist

Discord SEO v2

Are you currently using our bot?

Join Role Analytics Waitlist