#IronWorm : Un #virus qui se propage de #PC en #PC , et stockรฉ dans #npm : une #cyberattaque #mondiale #massive a รฉtรฉ รฉvitรฉe de justesse...
https://www.01net.com/actualites/virus-qui-propage-pc-cyberattaque-massive-evitee-justesse.html
Malware Worms Infect npm Ecosystem in Dual Supply Chain Attacks
Meet IronWorm, a sneaky Rust-based malware that's infecting the npm ecosystem by scraping sensitive secrets from developers' machines and spreading through poisoned packages. This stealthy threat hides behind an eBPF kernel rootkit and communicates with its operators over Tor.
New #IronWorm #Malware Hits 36 Packages In #npm Supply-Chain Attack
#supplychain #security
A new npm supply-chain attack has infected 36 packages with Rust-based infostealer malware called IronWorm. According to BleepingComputer, the malware "targets 86 environment variables (key-value pairs) and 20 credential files that may contain OpenAI, AWS, Anthropic, and npm credentials, vault confi...
๐จ New threat alert: IronWorm, a sophisticated Rust-based malware, has compromised 36 npm packages, focusing on the Web3 ecosystem. This isn't just about crypto theft; IronWorm deploys an eBPF rootkit for deep stealth and uses Tor for C2, enabling it to steal credentials, hijack GitHub repos, and self-propagate through the supply chain. Learn why this persistent attack erodes developer trust and whatโฆ
๐ค This post was AI-generated.
IronWorm Malware Infects 36 npm Packages in Supply-Chain Attack
Meet IronWorm, a sneaky Rust-based infostealer that's infected 36 npm packages, putting a wide range of sensitive credentials and secrets at risk of being harvested. This stealthy malware operates undetected, targeting everything from AWS and OpenAI credentials to cryptocurrency wallet files.
Rod2ik ๐ช๐บ ๐จ๐ต ๐ช๐ธ ๐จ๐ฑ ๐บ๐ฆ ๐จ๐ฆ ๐ฌ๐ฑ โฎ๐๏ธ
Rod2ik ๐ช๐บ ๐จ๐ต ๐ช๐ธ ๐จ๐ฑ ๐บ๐ฆ ๐จ๐ฆ ๐ฌ๐ฑโฎ๐๏ธ
Analyst207
PrivacyDigest
The New Oil
Daniel Marsh