IronWorm and New Miasma Worm Variant Hit npm in Supply Chain Attacks

June 05, 2026

Multiple software supply chain attacks have hit the npm ecosystem, with threat actors using both malicious and poisoned versions of over 50 legitimate packages to distribute a Rust-based information stealer and a self-spreading worm, respectively. According to JFrog, the information stealer "scrapes every secret it can find on a developer's machine, hides behind an eBPF kernel rootkit, and

from The Hacker News https://ift.tt/MGzi3qy
via Cyber Security

Bitcoin Mining

IronWorm and New Miasma Worm Variant Hit npm in Supply Chain Attacks

Popular Feeds

Experts Warn About Ongoing AutoHotkey-Based Malware Attacks

Malicious npm Package Leverages Unicode Steganography, Google Calendar as C2 Dropper

Featured News

IronWorm and New Miasma Worm Variant Hit npm in Supply Chain Attacks

Random Posts

Popular Posts

Experts Warn About Ongoing AutoHotkey-Based Malware Attacks

Malicious npm Package Leverages Unicode Steganography, Google Calendar as C2 Dropper

Bitcoin Mining

IronWorm and New Miasma Worm Variant Hit npm in Supply Chain Attacks

You may like these posts

Share

Popular Feeds

Experts Warn About Ongoing AutoHotkey-Based Malware Attacks

Malicious npm Package Leverages Unicode Steganography, Google Calendar as C2 Dropper

Featured News

IronWorm and New Miasma Worm Variant Hit npm in Supply Chain Attacks

Random Posts

Popular Posts

Experts Warn About Ongoing AutoHotkey-Based Malware Attacks

Malicious npm Package Leverages Unicode Steganography, Google Calendar as C2 Dropper