Supply Chain | Jun 4, 2026
Rust-Written IronWorm Hits NPM Supply Chain
The IronWorm malware campaign targets NPM developers to steal credentials and propagate across the supply chain.
Summary
A Rust-written malware campaign called IronWorm is actively targeting NPM (Node Package Manager) developers to harvest credentials and use them for lateral movement and propagation across the software supply chain. The attack mirrors tactics from the earlier Shai-Hulud campaign, focusing on credential theft as the initial compromise vector. This represents a significant supply chain risk to organizations relying on NPM packages.
Indicators of Compromise
- malware — IronWorm
Entities
- Shai-Hulud (campaign)
- NPM (technology)