Alchemy Security Update: NPM Supply Chain Attack

Summary

Alchemy Builders received a security update regarding the recent NPM supply chain attack. Alchemy conducted a full review and confirmed that none of the vulnerable packages are currently running in production, were ever installed on their systems, or are dependencies of their open-source packages. This means Alchemy's Smart Wallets remain safe to use, though they will continue monitoring the situation closely.

## :weewoo: Heads up Alchemy @Builder ! SECURITY ALERT
Following reports of the NPM supply chain attack involving malicious code discovered in popular open source packages, we conducted a full review of our codebases.

Our findings:
- None of the vulnerable packages are running in production
- None of the vulnerable packages at issue were ever installed on Alchemy systems
- None of Alchemy's open source packages depend on the vulnerable packages

Alchemy’s Smart Wallets are safe to continue using.

We'll continue monitoring closely and share updates if anything changes.

💙 The Alchemy Team
https://x.com/Alchemy/status/1965194621761601968

🚨SECURITY ALERT: Following reports of the NPM supply chain attack involving malicious code discovered in popular open source packages, we conducted a full review of our codebases.

Our findings:
- None of the vulnerable packages are running in production
- None of the vulnerable
X

alchemy security alert npm attack supply chain smart wallets codebase review safe

The latest from Alchemy Builders

Quiz Night: Third Monthly Quiz Incoming

** @Pingme Third Quiz of the Month is Coming...!! ♥ ** <:bluedot:963415624623738981> **Skill level:** MANY EASY QUESTIONS! (but not all of them...) <:MadJabber:958228128541589536> <:bluedot:963415624623738981> **Questions:** …

Alchemy Builders Community Call: CLI Demo & NFT Perks

## **Community Call is coming!** 🎤 @Pingme **Heads up Alchemy Fam! <:alchemy:1040440799856427109> ** **Ready for today's Community Call??!** ** Today's Agenda (30-Minute Lightning Round!):** ** …