PANews reported on September 9th that according to Scam Sniffer, a phishing attack targeting well-known developer qix resulted in malicious code being injected into npm packages, including chalk, strip-ansi, and color-convert. The attack involved hooking wallet functionality, tampering with ETH/SOL transaction recipient addresses, and replacing addresses in network responses. Users are advised to always verify the recipient and amount in the wallet interface, check for address changes after pasting, review recent transactions, and prioritize using hardware wallets for high-value transactions.