npm (Node Package Manager registry)

IronWorm self-propagating malware hits 36 npm packages (2026)

Researchers disclosed IronWorm, a Rust-based, self-propagating infostealer that compromised 36 npm packages, stealing developer and CI secrets and republishing trojanized packages using stolen npm publishing credentials.

Victim

npm (Node Package Manager registry)