[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fo92SvWrPyNjnPtQ7hg8TbltGS96GIz8is-CK2ncvOFc":3},{"article":4,"iocs":44},{"id":5,"title":6,"slug":7,"summary":8,"ai_summary":9,"brief":10,"full_text":11,"url":12,"image_url":13,"published_at":14,"ingested_at":15,"relevance_score":16,"entities":17,"category_id":24,"category":25,"article_tags":28},"651548e4-8786-4b69-b482-ed8a78e74987","Rust-Written IronWorm Hits NPM Supply Chain","rust-written-ironworm-hits-npm-supply-chain-817236","Like Shai-Hulud, the campaign targets developers to steal credentials and reuses them to propagate across the software supply channel.","A Rust-written malware campaign called IronWorm is actively targeting NPM (Node Package Manager) developers to harvest credentials and use them for lateral movement and propagation across the software supply chain. The attack mirrors tactics from the earlier Shai-Hulud campaign, focusing on credential theft as the initial compromise vector. This represents a significant supply chain risk to organizations relying on NPM packages.","IronWorm malware campaign targets NPM developers to steal credentials and propagate across supply chain.",null,"https:\u002F\u002Fwww.darkreading.com\u002Fcyberattacks-data-breaches\u002Frust-written-ironworm-npm-supply-chain","https:\u002F\u002Feu-images.contentstack.com\u002Fv3\u002Fassets\u002Fblt6d90778a997de1cd\u002Fblt705e8d4cc3766735\u002F6a21e18d9f92ca732208c2ed\u002Fsupplychain_Efkaysim_shutterstock.jpg?width=1280&auto=webp&quality=80&disable=upscale","2026-06-04T21:47:06+00:00","2026-06-05T00:00:17.952114+00:00",8,[18,21],{"name":19,"type":20},"Shai-Hulud","campaign",{"name":22,"type":23},"NPM","technology","26b0b636-0e31-4db1-bffb-61bdf9f20a58",{"id":24,"icon":11,"name":26,"slug":27},"Supply Chain","supply-chain",[29,34,39],{"category":30},{"id":31,"icon":11,"name":32,"slug":33},"89f78b1c-3503-45a1-9fc7-e23d2ce1c6d5","Malware","malware",{"category":35},{"id":36,"icon":11,"name":37,"slug":38},"ade75414-7914-4e23-a450-48b64546ee70","Open Source","open-source",{"category":40},{"id":41,"icon":11,"name":42,"slug":43},"e7b231c8-5f79-4465-8d38-1ef13aea5a14","Threat Intelligence","threat-intelligence",[45],{"type":33,"value":46,"context":47},"IronWorm","Rust-written malware targeting NPM developers for credential theft"]