PrivacyDigest6h ago

‘CanisterWorm’ Springs #Wiper Attack #Targeting #Iran

A financially motivated data theft and #extortion group is attempting to inject itself into the #Iranwar , unleashing a #worm that spreads through poorly secured cloud services and wipes data on infected systems that use Iran’s time zone or have #Farsi set as the default language.
#security #CanisterWorm

https://krebsonsecurity.com/2026/03/canisterworm-springs-wiper-attack-targeting-iran/

‘CanisterWorm’ Springs Wiper Attack Targeting Iran – Krebs on Security

Hackread.com10h ago

The new CanisterWorm is spreading via npm, hijacking dev accounts and targeting Kubernetes, with a wiper that triggers on Iran-based systems

Read: https://hackread.com/canisterworm-kubernetes-clusters-kamikaze-wiper/

#CyberSecurity #Malware #Kubernetes #Iran #CanisterWorm

New CanisterWorm Targets Kubernetes Clusters, Deploys “Kamikaze” Wiper

CanisterWorm spreads via npm supply chain attack, hijacks developer accounts, targets Kubernetes clusters, and deploys destructive Kamikaze wiper payload.

Hackread - Cybersecurity News, Data Breaches, AI and More
KrebsOnSecurity RSS17h ago

‘CanisterWorm’ Springs Wiper Attack Targeting Iran

https://krebsonsecurity.com/2026/03/canisterworm-springs-wiper-attack-targeting-iran/

#InternetComputerProtocol #Ne'er-Do-WellNews #ALittleSunshine #LatestWarnings #TheComingStorm #CatalinCimpanu #CharlieEriksen #AquaSecurity #CanisterWorm #Ransomware #AssafMorag #TeamPCP #Aikido #Flare #Trivy #ICP

‘CanisterWorm’ Springs Wiper Attack Targeting Iran – Krebs on Security

Winbuzzer23h ago

https://winbuzzer.com/2026/03/23/trivy-breach-pushed-infostealer-via-github-actions-xcxwbn/

Trivy Breached Twice in a Month via GitHub Actions

#GitHub #GitHubActions #Cybersecurity #Malware #Cybercrime #SecurityBreach #OpenSource #Hackers #npm #Javascript #SoftwareDevelopment #CloudComputing #DataBreaches #Trivy #AquaSecurity #TeamPCP #CanisterWorm

Will   23h ago

#trivy supply chain attack spreads to #dockerhub. Compromised Docker Hub images and a self-propagating npm worm have been discovered, escalating the Trivy breach into a multi-platform threat. Stolen npm tokens from infected CI/CD pipelines fueled a self-propagating worm dubbed #CanisterWorm, compromising nearly 50 npm packages across multiple scopes.

https://thehackernews.com/2026/03/trivy-security-scanner-github-actions.html?m=1

Trivy Security Scanner GitHub Actions Breached, 75 Tags Hijacked to Steal CI/CD Secrets

Trivy attack force-pushed 75 tags via GitHub Actions, exposing CI/CD secrets, enabling data theft and persistence across developer systems.

The Hacker News
PrivacyDigest1d ago

#Trivy #SupplyChain Attack Spreads, Triggers Self-Spreading #CanisterWorm Across 47 #npm Packages
#security

https://it.slashdot.org/story/26/03/22/0039257/trivy-supply-chain-attack-spreads-triggers-self-spreading-canisterworm-across-47-npm-packages?utm_source=rss1.0mainlinkanon&utm_medium=feed

Trivy Supply Chain Attack Spreads, Triggers Self-Spreading CanisterWorm Across 47 npm Packages - Slashdot

"We have removed all malicious artifacts from the affected registries and channels," Trivy maintainer Itay Shakury posted today, noting that all the latest Trivy releases "now point to a safe version." But "On March 19, we observed that a threat actor used a compromised credential..." And today T...