IronWorm and New Miasma Worm Variant Hit npm in Supply Chain Attacks

IronWorm and New Miasma Worm Variant Hit npm in Supply Chain Attacks

/in

Multiple software supply chain attacks have hit the npm ecosystem, with threat actors using both malicious and poisoned versions of over 50 legitimate packages to distribute a Rust-based information stealer and a self-spreading worm, respectively.

According to JFrog, the information stealer “scrapes every secret it can find on a developer’s machine, hides behind an eBPF kernel rootkit, and

The Hacker News – ​Read More

4 Android Auto apps I can always rely on for road trips – beyond Maps...Former cyber executive turned whistleblower accuses IBM of covering up several...