

Ethical Hacking News

NPM Supply Chain Under Siege: A New Wave of Malicious Attacks



Threat actors are abusing the npm ecosystem to distribute a range of malicious payloads, including a Rust-based information stealer and a self-spreading worm. The IronWorm malware has been spotted in the npm registry, and its operators use it to steal credentials associated with major companies. Meanwhile, another wave of supply chain attacks has targeted the npm ecosystem, with a distinct variant of the Miasma worm compromising 57 packages across more than 286 malicious versions.

  • npm ecosystem targeted by threat actors using both poisoned and legitimate packages to spread a Rust-based information stealer and a self-spreading worm.
  • Malware, codenamed IronWorm, steals credentials for major platforms, including OpenAI Codex, Anthropic, Google Gemini, AWS, Docker, Kubernetes, and npm.
  • Compromised npm account publishes package versions containing a Rust ELF binary that executes via a preinstall hook, resulting in a self-replicating attack.
  • Another wave of supply chain attacks targets the npm ecosystem using a Miasma worm variant, compromising 57 packages across over 286 malicious versions.
  • Miasma worm variant steals credentials for multiple platforms and exfiltrates data to public GitHub repositories.
  • Attack chain downloads and installs the Bun JavaScript runtime, using it to load a credential harvester; incorporates an eBPF payload as a kernel-level rootkit.
  • Miasma payload is a derivative of the Shai-Hulud worm, with largely "cosmetic" changes while maintaining similar functionality.
  • Attack chain can operate under the radar due to GitHub's trusted status and the lack of network-level detection for GitHub-bound traffic.
  • Developers advised to rotate credentials, turn off install scripts, and pin packages with integrity hashes to mitigate damage.



  • Threat Actors Target npm Ecosystem, Steal Credentials and Spread Malware
    The npm (Node Package Manager) ecosystem has been hit by a new wave of malicious attacks, with threat actors utilizing both poisoned packages and legitimate ones to distribute a Rust-based information stealer and a self-spreading worm. According to JFrog, the information stealer "scrapes every secret it can find on a developer's machine, hides behind an eBPF kernel rootkit, and answers to its operator over Tor." This malware, codenamed IronWorm by JFrog, has been spotted in the npm registry, and the threat actors use it to steal credentials associated with major companies and platforms such as OpenAI Codex, Anthropic, Claude, Google Gemini, Cursor, Amazon Web Services (AWS), Docker, Kubernetes, and npm.

    The malicious activity is attributed to a compromised npm account named "asteroiddao," which was used to publish package versions containing the Rust ELF binary that executed via a preinstall hook. This approach results in a self-replicating attack, where once an infected package is installed, it can push additional malware-laced packages to other developers' machines. The compromised account has been found to contain over 50 malicious package versions.

    In addition to the IronWorm attacks, another wave of supply chain attacks has targeted the npm ecosystem, with threat actors utilizing a distinct variant of the Miasma worm. This worm was previously known to have infected 32 packages across more than 90 versions under the @redhat-cloud-services npm namespace within just 72 seconds earlier this week. The new variant of the Miasma worm has compromised 57 npm packages across more than 286 malicious versions, with some affected packages including ai-sdk-ollama, autotel, awaitly, effect-analyzer, eslint-plugin-awaitly, executable-stories-cypress, http-uploader-dev, mountly, node-env-resolver, and node-env-resolver-aws.

    The Miasma worm variant is notable for its ability to steal credentials associated with companies such as OpenAI Codex, Anthropic, Claude, Google Gemini, Cursor, AWS, Docker, Kubernetes, GitHub Actions, npm, RubyGems, PyPI, SSH, password managers, and AI assistants. This data is then exfiltrated to public GitHub repositories, each carrying the description "Miasma: The Spreading Blight" or "Miasma - The Spreading Blight." It's worth noting that this behavior allows the threat actors to dynamically change the 'firedalazer' commits in GitHub, making new versions of the malware more adaptive and sophisticated.

    The attack chain is engineered to download and install the Bun JavaScript runtime, using it to load a comprehensive credential harvester that's tailored to extract secrets from various platforms. The malware also incorporates an eBPF payload that functions as a kernel-level rootkit to hide processes and thwart analysis, although this trick fails on systems where kernel lockdown is enabled.

    The Miasma payload is assessed to be a derivative of the Shai-Hulud worm put to use by TeamPCP in recent campaigns, introducing largely "cosmetic" changes while keeping the underlying functionality similar. Despite the overlap in tradecraft, the attribution for the latest set of attacks remains unclear, given that TeamPCP has publicly released the Shai-Hulud code.

    In a statement about the attack chain, OX Security researchers Moshe Siman Tov Bustan and Nir Zadok noted, "This turns GitHub into something more dangerous than a dead drop. It's an adaptive C2 - one that piggybacks on a trusted, widely whitelisted platform, making network-level detection nearly useless." They added that most security tools aren't configured to treat GitHub traffic as suspicious, allowing the threat actor to operate under the radar.

    In response to these attacks, developers who have installed affected versions are advised to rotate credentials, turn off install scripts and native rebuilds by default, and ensure packages are pinned with integrity hashes. This can help mitigate the damage caused by these malicious attacks and prevent further propagation of the malware.
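    As an added illustration of the last two mitigations (this is not code from the article or from the researchers it cites), the following Python script audits a parsed package-lock.json: it reports dependencies without an integrity hash, dependencies that npm has marked with its hasInstallScript lockfile flag (the preinstall hook vector described above), and dependencies whose name appears in the affected list quoted earlier. The lockfile it reads is constructed sample data, and the version numbers and hashes in it are placeholders.

```python
import json

# Package names the article reports as affected by the Miasma variant.
# The article gives no version numbers, so any version of these names is flagged.
REPORTED_PACKAGES = {
    "ai-sdk-ollama", "autotel", "awaitly", "effect-analyzer",
    "eslint-plugin-awaitly", "executable-stories-cypress", "http-uploader-dev",
    "mountly", "node-env-resolver", "node-env-resolver-aws",
}

def audit_lockfile(lock):
    """Return (name, version, reason) findings for a parsed package-lock.json.

    Works on lockfileVersion 2/3, which store dependencies under "packages".
    Flags: no integrity hash (not pinned to content), npm's hasInstallScript
    marker (package declares preinstall/install/postinstall), and names on
    the article's affected list.
    """
    findings = []
    for path, entry in lock.get("packages", {}).items():
        if path == "":  # the root project entry, not a dependency
            continue
        name = path.rsplit("node_modules/", 1)[-1]  # keeps @scope/name, drops nesting
        version = entry.get("version", "?")
        if not entry.get("integrity"):
            findings.append((name, version, "missing integrity hash"))
        if entry.get("hasInstallScript"):
            findings.append((name, version, "declares install script"))
        if name in REPORTED_PACKAGES:
            findings.append((name, version, "name listed as affected"))
    return findings

# Constructed sample lockfile for demonstration; versions and hashes are placeholders.
SAMPLE_LOCK = json.loads("""{
  "name": "demo", "lockfileVersion": 3,
  "packages": {
    "": {"name": "demo"},
    "node_modules/left-pad": {"version": "1.3.0", "integrity": "sha512-PLACEHOLDER"},
    "node_modules/node-env-resolver": {"version": "9.9.9",
                                       "integrity": "sha512-PLACEHOLDER",
                                       "hasInstallScript": true},
    "node_modules/some-dep": {"version": "2.0.0"}
  }
}""")

if __name__ == "__main__":
    for name, version, reason in audit_lockfile(SAMPLE_LOCK):
        print(f"{name}@{version}: {reason}")
```

    To run it against a real project, replace SAMPLE_LOCK with json.load(open("package-lock.json")); setting ignore-scripts=true in .npmrc disables the install hooks it flags.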



    Related Information:
  • https://www.ethicalhackingnews.com/articles/NPM-Supply-Chain-Under-Siege-A-New-Wave-of-Malicious-Attacks-ehn.shtml

  • https://thehackernews.com/2026/06/ironworm-and-new-miasma-worm-variant.html


  • Published: Fri Jun 5 15:32:23 2026 by llama3.2 3B Q4_K_M

    © Ethical Hacking News . All rights reserved.
