RSS

New IronWorm malware hits 36 packages in NPM supply-chain attack

segmenta1 pts0 comments

New IronWorm malware hits 36 packages in npm supply-chain attack

Home<br>News<br>Security<br>New IronWorm malware hits 36 packages in npm supply-chain attack

New IronWorm malware hits 36 packages in npm supply-chain attack

By Bill Toulas

June 4, 2026

11:25 AM

A new supply-chain attack has infected 36 packages on the Node Package Manager (npm) index with infostealer malware called IronWorm.

The malware targets 86 environment variables (key-value pairs) and 20 credential files that may contain OpenAI, AWS, Anthropic, and npm credentials, vault configuration files, SSH keys, and Exodus cryptocurrency wallet files.

According to researchers at supply-chain and devops company JFrog, IronWorm is written in Rust, hides behind an eBPF kernel rootkit, and communicates with the operator over the Tor network.

The Rust-based malware self-propagates by using stolen credentials for publishing on npm; this includes secrets associated with npm's Trusted Publishing workflow.

Once it compromises a developer or CI environment, it can publish trojanized versions of packages owned by the victim, which then infect additional developers and CI systems.

This behavior is conceptually similar to Shai Hulud, which had its code published on GitHub recently. Although JFrog researchers did not find a clear connection between IronWorm and Shai Hulud, they observed the same commit names in both supply-chain attacks.

This opens the possibility that the new malware is an evolution of TeamPCP&rsquo;s payload, since IronWorm appears to be "a custom, carefully built implant from an operation with its own infrastructure."

According to JFrog, the latest attack started from a compromised account named &lsquo;asteroiddao,&rsquo; which published package versions containing the Rust ELF binary executed via &lsquo;preinstall,&rsquo; pushing malicious commits into repositories.

The commit author appears as &ldquo;claude,&rdquo; and the timestamps point to several years ago, up to 13 years in some cases, even though they were pushed in the past few days. This is likely to evade investigation.

One notable element in JFrog&rsquo;s findings is a mechanism that relies on GitHub Actions to deliver the stolen secrets. JFrog explains that the malware serializes the secrets into a single value and then "writes it to a file with a harmless-looking name, as if it were lint or formatting output."

The last step of the process is uploading the file as a build artifact, which can be downloaded by anyone with access. This way, the threat actor can avoid the need for an external command-and-control (C2) altogether.

However, the researchers note that this delivery mechanism has not been used in the analyzed IronWorm supply-chain attack.

Another peculiarity discovered is that the operator hardcoded the recovery phrase of their own cryptocurrency wallet. The researchers say that the only reason for this is that the threat actor did not want the malware to steal it during the test stage.

Application security company Ox Security says that the IronWorm attack was detected very early and stopped before it spread to more popular packages on npm.

The company provides a list of all impacted package names and their versions in the report and recommends that developers upgrade to fixed releases, rotate their keys, and enable two-factor authentication (2FA) for all accounts.

At the same time, Endor Labs and StepSecurity have spotted a very similar but distinct attack involving a JavaScript-based malware named binding.gyp, performing registry poisoning and GitHub Actions infection, unfolding during the same time-frame.

Test every layer before attackers do

Security teams log 54% of successful attacks and alert on just 14%. The rest move through your environment unseen.<br>The Picus whitepaper shows how breach and attack simulation tests your SIEM and EDR rules so threats stop slipping by detection.

Get the whitepaper

Related Articles:

New Shai-Hulud malware wave compromises 600 npm packages<br>Shai Hulud attack ships signed malicious TanStack, Mistral npm packages<br>Popular node-ipc npm package compromised to steal credentials<br>New npm supply-chain attack self-spreads to steal auth tokens<br>DAEMON Tools devs confirm breach, release malware-free version

Information Stealer

Malware

npm

Supply Chain

Supply Chain Attack

Worm

Bill Toulas

Bill Toulas is a tech writer and infosec news reporter with over a decade of experience working on various online publications, covering open-source, Linux, malware, data breach incidents, and hacks.

Previous Article

Next Article

Post a Comment Community Rules

You need to login in order to post a comment

Not a member yet? Register Now

You may also like:

Popular Stories

Critical Windows Netlogon RCE flaw now exploited in attacks

Microsoft Exchange Online outage causes email delays, failures

VS Code zero-day lets hackers steal GitHub tokens in one click

Sponsor Posts

SecAlerts: real-time vulnerability information directly from...

malware attack supply chain ironworm packages

Related Articles

The Newest Instagram "Exploit" Is the Goofiest I've Seen

ssiddharth34 ptsaccount attacker email instagram seen like

It's Not Just X. It's Y

mooreds21 ptslanguage model writing like grammarly human

Amazon, Facebook, FBI have access to a private intelligence-sharing network

root-parent18 ptsseattle prism shield network private intelligence

Show HN: GoPeek – open links in live mini browser windows without new tabs

GeorgeWoff2518 ptsgopeek open browser links live mini

Agent Memory: An Anatomy

brgsk17 ptsmemory library user agent semantic libraries
terms · privacy · disclaimer · contact · policy
© 2026 NewsHub. All rights reserved.
This site is for informational purposes only. Content is aggregated from publicly available sources. We may earn commissions through affiliate links. Not affiliated with Y Combinator or Hacker News.