Multiple software supply chain attacks have hit the npm ecosystem, with threat actors using both malicious and poisoned versions of over 50 legitimate packages to distribute a Rust-based information stealer and a self-spreading worm, respectively.
According to JFrog, the information stealer "scrape...
**Source : The Hacker News | 5 juin 2026**
Multiple software supply chain attacks have hit the npm ecosystem, with threat actors using both malicious and poisoned versions of over 50 legitimate packages to distribute a Rust-based information stealer and a self-spreading worm, respectively.
According to JFrog, the information stealer "scrapes every secret it can find on a developer's machine, hides behind an eBPF kernel rootkit, and
👉 **Lire l'article complet sur The Hacker News :** [https://thehackernews.com/2026/06/ironworm-and-new-miasma-worm-variant.html](https://thehackernews.com/2026/06/ironworm-and-new-miasma-worm-variant.html)
Multiple software supply chain attacks have hit the npm ecosystem, with threat actors using both malicious and poisoned versions of over 50 legitimate packages to distribute a Rust-based information stealer and a self-spreading worm, respectively.
According to JFrog, the information stealer "scrapes every secret it can find on a developer's machine, hides behind an eBPF kernel rootkit, and
👉 **Lire l'article complet sur The Hacker News :** [https://thehackernews.com/2026/06/ironworm-and-new-miasma-worm-variant.html](https://thehackernews.com/2026/06/ironworm-and-new-miasma-worm-variant.html)
Commentaires (0)
Laisser un commentaire
Aucun commentaire pour le moment. Soyez le premier à commenter !