{"id":1192,"date":"2026-06-05T19:18:12","date_gmt":"2026-06-05T19:18:12","guid":{"rendered":"https:\/\/thedigitalfortress.us\/?p=1192"},"modified":"2026-06-05T19:18:12","modified_gmt":"2026-06-05T19:18:12","slug":"ironworm-and-new-miasma-worm-variant-hit-npm-in-supply-chain-attacks","status":"publish","type":"post","link":"https:\/\/thedigitalfortress.us\/?p=1192","title":{"rendered":"IronWorm and New Miasma Worm Variant Hit npm in Supply Chain Attacks"},"content":{"rendered":"
\n
<\/a><\/div>\n

Multiple software supply chain attacks have hit the npm ecosystem, with threat actors using both malicious and poisoned versions of over 50 legitimate packages to distribute a Rust-based information stealer and a self-spreading worm, respectively.<\/p>\n

According to JFrog<\/a>, the information stealer \u00abscrapes every secret it can find on a developer’s machine, hides behind an eBPF kernel rootkit, and answers to its operator over Tor.\u00bb<\/p>\n

The stealer also uses the stolen credentials as a propagation mechanism, drawing similarities to the infamous Shai-Hulud worm. The new malware has been codenamed IronWorm<\/b> by the software supply chain security company. By publishing itself to the npm registry in the form of trojanized packages, the approach results in a self-replicating attack.<\/p>\n

The malicious activity has been traced back to a compromised npm account named \u00abasteroiddao<\/a>,\u00bb which has been found to publish package versions containing the Rust ELF binary that’s executed via a preinstall hook.<\/p>\n

The malware targets 86 environment variables, various files that may contain credentials associated with OpenAI Codex, Anthropic, Claude, Google Gemini, Cursor, Amazon Web Services (AWS), Docker, Kubernetes, and npm, vault configurations, and Exodus cryptocurrency wallet files.<\/p>\n

An unusual quirk worth mentioning here is that the stealer includes logic for the wallet data-stealing component to skip the threat actor’s own wallet. As of writing, the cryptocurrency wallet<\/a> is empty, and no transactions have been recorded.<\/p>\n

\n
\"Cybersecurity\"<\/a><\/div>\n<\/div>\n

JFrog described IronWorm as \u00aba supply chain weapon built to find secrets, modify projects, and inject malicious code to self-propagate across GitHub.\u00bb The malicious commits, which span nine GitHub organizations, have been introduced under the author name \u00abclaude\u00bb (\u00abclaude@users.noreply.github.com\u00bb) in an attempt to mimic Anthropic’s artificial intelligence (AI) chatbot.<\/p>\n

<\/p>\n

\u00abThe malicious npm package was published by asteroiddao; asteroiddao corresponds to the asteroid-dao GitHub organization; and ocrybit is a member of that organization, as well as related Arweave organizations,\u00bb the company explained.<\/p>\n

\u00abThe malware stole ocrybit’s credentials and used them to push commits across repositories it could access. Those commits planted malware into other packages, which could then be published and infect the next developer. And then it vanished.\u00bb<\/p>\n

What’s more, the malicious payload is equipped to swap existing GitHub Actions workflows for one that’s capable of harvesting the secrets, writing it to a harmless-looking file, and uploading it as a build artifact, thereby eliminating the need for an external command-and-control (C2) server.<\/p>\n

The malware’s capabilities don’t end there. In CI environments, it abuses npm’s Trusted Publishing flow to obtain short-lived tokens to push poisoned versions containing the malware to the registry.<\/p>\n

It also incorporates an eBPF payload that functions as a kernel-level rootkit to hide processes and thwart analysis. However, on systems where kernel lockdown is enabled, the process-hiding tricks fail, and the supposed processes and sockets become visible again.<\/p>\n

Miasma Worm Surfaces Again<\/h3>\n

The disclosure comes as Endor Labs<\/a> and StepSecurity<\/a> shed light on a distinct supply chain attack campaign that has compromised 57 npm packages across more than 286 malicious versions to serve a new variant of the Miasma worm, which previously infected 32 packages across more than 90 versions under the @redhat-cloud-services npm namespace within 72 seconds earlier this week.<\/p>\n

Some of the affected packages are listed below –<\/p>\n