AISlashdotabout 9 hours ago

New IronWorm Malware Hits 36 Packages In npm Supply-Chain Attack

2 min read

IronWorm malware infects 36 npm packages with Rust-based infostealer. It targets 86 environment variables and 20 credential files including OpenAI, AWS, Anthropic, npm, SSH keys, and Exodus wallet files. The malware hides behind an eBPF kernel rootkit and communicates via Tor. Researchers at JFrog identified the attack in npm supply-chain.

Level

Hype check

Tap to vote and see what everyone thinks.

#npm #malware #rust

Read full story

More to chew on!

Security4 days ago

Red Hat npm packages infected with Shai-Hulud worm

Devabout 11 hours ago

IronWorm and Miasma Worm Attack npm Packages