DevThe Hacker Newsabout 12 hours ago

IronWorm and Miasma Worm Attack npm Packages

1 min read

IronWorm and Miasma Worm target npm packages with malicious Rust binaries. The malware scrapes 86 environment variables and steals credentials for OpenAI Codex, Anthropic, Claude, Google Gemini, AWS, Docker, Kubernetes, npm, vaults, and Exodus wallets. It uses a compromised npm account named asteroiddao and spreads via preinstall hooks. The attack mimics Anthropic's AI chatbot under author name [email protected]. The stolen wallet data is empty with no transactions recorded.

Level

Hype check

Tap to vote and see what everyone thinks.

#npm #malware #supplychain

Read full story

More to chew on!

AIabout 11 hours ago

New IronWorm Malware Hits 36 Packages In npm Supply-Chain Attack

Security4 days ago

Red Hat npm packages infected with Shai-Hulud worm

Security