> TritonInfoSec News
Home / Jun 06, 2026 / Story
0
#4 The Hacker News general June 05, 2026 at 18:05 UTC

IronWorm and New Miasma Worm Variant Hit npm in Supply Chain Attacks

By [email protected] (The Hacker News)

AI Summary

JFrog researchers uncovered two simultaneous npm supply chain attacks: IronWorm, a Rust-based information stealer that scrapes secrets and hides behind an eBPF kernel rootkit, and a new Miasma worm variant that used over 50 poisoned legitimate packages to self-propagate. The dual-campaign scope targeting developer machines represents an escalating threat to software supply chain integrity.

Read full article → https://thehackernews.com/2026/06/ironworm-and-new…

Relevance score: 83.0/100

# More from June 06

  1. 1
    Cisco warns of unpatched SD-WAN zero-day exploited in attacks BleepingComputer
  2. 2
    Chrome 149 Patches 429 Vulnerabilities SecurityWeek
  3. 3
    Chinese APT deploys new malware to keep access to hacked networks BleepingComputer
  4. 5
    Hackers Exploit Critical Everest Forms Pro WordPress Plugin Flaw to Take Over Sites The Hacker News
  5. 6
    Cisco warns of critical Unified CM flaw with PoC exploit code BleepingComputer
  6. 7
    Hackers Spied on a Stock Exchange Executive's Outlook Mailbox for Five Months The Hacker News
  7. 8
    CISA: Hackers now exploit SolarWinds Serv-U flaw to crash servers BleepingComputer
  8. 9
    Claude Code GitHub Action Flaw Let One Malicious Issue Hijack Repositories The Hacker News
  9. 10
    Five Eyes: Chinese Spies Target Government, Military Staff With Fake Job Opportunities SecurityWeek