CRITICAL ⚡ MUST-KNOW
Rust-Written IronWorm Malware Hits NPM in Credential-Propagating Supply Chain Attack
A Rust-written malware campaign dubbed IronWorm is targeting the npm ecosystem in a supply chain attack that steals developer credentials and reuses them to propagate further through the software supply channel. The technique mirrors the TeamPCP “Shai-Hulud” operation: compromised developer accounts publish trojanized packages that spread the infection laterally to downstream consumers. Affected developers should immediately rotate npm access tokens, audit recently published packages for unauthorized changes, and review their accounts for unexpected publish events.