CVE-2025-59140

Name of the Vulnerable Software and Affected Versions backslash versions prior to 0.2.2

Description The backslash npm package was compromised through a phishing attack on the publishing account. Version 0.2.1 was published with a malicious payload designed to redirect cryptocurrency transactions from browser environments to the attacker's addresses. Environments not utilizing the package in a browser context, such as local, server, and command-line applications, are not affected. The malware specifically targets cryptocurrency transactions and wallets like MetaMask. The malicious package was removed from the npm registry on September 8, 2025, and new patch versions were published on September 13, 2025, to address caching issues in private registries.

Recommendations Upgrade to version 0.2.2 or later. Completely remove the node modules directory. Clean the package manager's global cache. Rebuild any browser bundles from scratch. Purge the compromised versions from caches on private registries or registry mirrors.