A newly discovered malware campaign called IronWorm has been silently targeting software developers through poisoned npm packages, stealing credentials, API keys, and even cryptocurrency wallet recovery phrases. The attack is built to spread itself through trusted developer workflows, making it one...

#Malware

Original-Artikel öffnen Zurück zur Übersicht

ARTICLEVIEW

IronWorm Supply Chain Attack Uses Malicious npm Packages to Steal Developer Secrets

VERWANDTEARTIKEL

Hackers Impersonate Ghidra, dnSpy, and SpiderFoot to Spread Malware via Fake Download Sites

binding.gyp Supply Chain Attack Compromises Dozens of npm Packages Across Maintainer Accounts

Hackers Use Malicious Ads to Deliver FlutterShell Backdoor on macOS Systems

Hackers Use Fake Claude Code Install Page to Deliver Fileless .NET Infostealer

Cybercriminals Shift From Fake Login Pages to Infostealer Malware in Phishing Attacks

New IronWorm malware hits 36 packages in npm supply-chain attack