Dark ReadingArchived Jun 05, 2026✓ Full text saved
Like Shai-Hulud, the campaign targets developers to steal credentials and reuses them to propagate across the software supply channel.
Full text archived locally
✦ AI Summary· Claude Sonnet
CYBERATTACKS & DATA BREACHES
APPLICATION SECURITY
VULNERABILITIES & THREATS
THREAT INTELLIGENCE
NEWS
Rust-Written IronWorm Hits NPM Supply Chain
Like Shai-Hulud, the campaign targets developers to steal credentials and reuses them to propagate across the software supply channel.
Jai Vijayan,Contributing Writer
June 4, 2026
3 Min Read
SOURCE: EFKAYSIM VIA SHUTTERSTOCK
A newly discovered malware campaign targeting the open source software ecosystem underscores how rapidly supply chain threats are evolving.
The campaign, which JFrog has dubbed "IronWorm," targets developers through compromised npm publishing workflows and malicious package updates. The malware, written in Rust, harvests a wide range of developer secrets, including API keys, cloud credentials, SSH keys, and npm publishing tokens, and reuses them to spread further across the software supply chain.
Similar to the Shai-Hulud Campaign
JFrog identified the activity while investigating suspicious behavior linked to a developer account within the Arweave/WeaveDB open source ecosystem.
IronWorm’s payload shares architectural similarities with last year's Shai-Hulud worm and features a unique combination of mechanisms for credential theft, persistence, and covert Tor-based command-and-control communications (C2), JFrog said.
Related:Pakistan Spies on Afghan Finance Ministry With Xeno RAT
The security vendor's analysis showed IronWorm uses a rootkit that abuses the Linux kernel's extended Berkeley Packet Filter(eBPF) to hide malicious processes, files, network activity, and other behavior from security systems. It also encrypts embedded text using unique encryption keys throughout the codebase rather than a single hardcoded key, making the malware significantly harder to analyze and detect, JFrog said.
Researchers at OX Security also tracking the campaign described it as having affected at least 36 unique npm packages with more 32,000 combined monthly downloads. The company said the threat was mitigated before it could spread to other, more popular packages.
In its report, JFrog itself described the operator of the IronWorm campaign as having deprecated the malicious packages, silently removing them from GitHub within a day of publishing them to the repository. However, by then the threat actor appeared to have made at least 57 malicious code changes to repositories belonging to nine organizations, the security vendor added. The attacker backdated the changes in an attempt to obscure the timeline of compromise and to complicate forensic analysis, JFrog noted.
IronWorm: A Unique Piece of Malware?
"We checked the sample against every well-known infostealer, eBPF rootkit, and C2 framework we could think of, and matched none of them," JFrog said. "There are no source-repository URLs in the binary, no borrowed code we could recognize." JFrog concluded that the IronWorm payload with its combination of features and encryption is a "custom, carefully built implant" that someone is using in a sophisticated and painstaking operation.
Related:Tropical Blend: Cyber & Politics Ramp Up Across Latin America
"The closest comparison is the Shai-Hulud campaign," JFrog said. The malware we reviewed shares a lot with it: the same idea of compromising developers, stealing credentials, and using trusted software-supply-chain workflows to spread further, using the same commit names as Shai Hulud does. But it takes the same concept to the next level."
IronWorm is the latest indication of how developers and development environments have become prime targets for threat actors looking to compromise supply chains. Driving the interest is the fact that developers often hold privileged access to source code repositories, package registries, cloud environments, CI/CD pipelines, and signing keys. By compromising a single developer, threat actors can potentially introduce malicious code into trusted software projects and reach numerous downstream organizations and users.
Such attacks have unfolded in multiple ways. Earlier this year for example, a threat actor pushed malicious commits to more than 5,500 GitHub repositories in a matter of hours using a credential stealing malware payload dubbed Megalodon. In other campaigns, the TeamPCP cybercrime group compromised Trivy, a popular cloud security scanning tool, as well as other projects to deploy infostealers targeting cloud credentials, tokens, SSH keys and other secrets from CI/CD workflows. In 2024, attackers used a combination of stolen code, weaponized commits and a counterfeit Python package source to hijack GitHub accounts.
Related:Global Stock Exchange Hit by Monthslong Email Campaign
About the Author
Jai Vijayan
Contributing Writer
Illinois-based Jai Vijayan is a veteran, award-winning technology journalist with more than 25 years of experience covering cybersecurity. His information security reporting has explored everything from ransomware, nation-state threats, and identity security to AI risk, critical infrastructure protection, software supply chain security, cloud security and emerging enterprise technologies.
Over the course of his career, Jai has written news stories, feature articles, survey reports, white papers, and e-books for enterprise and technology audiences. He has also moderated panel discussions and executive roundtables featuring CISOs, security researchers, and industry leaders.
Jai previously served as senior editor at Computerworld, where he covered information security and data-privacy issues. His work has also appeared in CSO Online, InformationWeek, The Christian Science Monitor Passcode, The Economic Times, and other publications.
His work has earned multiple industry honors, including a Joint ASBPE Excellence Award for Best Coverage of Government IT, and a Joint Jesse H. Neal Award for wireless LAN security coverage. Jai holds a Master’s degree in statistics from Bangalore University, and studied broadcasting and electronic communication at Marquette University in Milwaukee.
Want more Dark Reading stories in your Google search results?
ADD US NOW
More Insights
Industry Reports
How Organizations Are Managing Incident Response
How Enterprises Are Developing Secure Applications
Inside RSAC 2026: security leaders reveal the risks redefining your defense strategy
Essential News & Insights from Black Hat USA 2025
How Enterprises Are Harnessing Emerging Technologies in Cybersecurity
Access More Research
Webinars
The Frontier AI Era: Why Cybersecurity Must Move at Machine Speed
Build vs. Buy: The Hidden Cost of Building Your Own AI Security Stack
Defending in the Shadow Era: When the CVE Feed Goes Dark
Building SecOps That Make the Most of Every Dollar
AI-Powered Credential Security: Intelligence Without Exposure
More Webinars
You May Also Like
CYBERATTACKS & DATA BREACHES
Critical Fortinet Flaws Under Active Attack
by Jai Vijayan, Contributing Writer
DEC 17, 2025
CYBERATTACKS & DATA BREACHES
CISA Warns of 'Ongoing' Brickstorm Backdoor Attacks
by Rob Wright
DEC 04, 2025
CYBERATTACKS & DATA BREACHES
F5 BIG-IP Environment Breached by Nation-State Actor
by Alexander Culafi
OCT 15, 2025
CYBERATTACKS & DATA BREACHES
Jaguar Land Rover Shows Cyberattacks Mean (Bad) Business
by Robert Lemos, Contributing Writer
OCT 03, 2025
Editor's Choice
CYBERSECURITY OPERATIONS
20 Leaders Who Built the CISO Era: 2 Decades of Change
byDark Reading Editorial Team
MAY 12, 2026
41 MIN READ
APPLICATION SECURITY
It's Patch Tuesday for Microsoft & Not a Zero-Day In Sight
byJai Vijayan
MAY 12, 2026
5 MIN READ
CYBERATTACKS & DATA BREACHES
Instructure Breach Exposes Schools' Vendor Dependence
byAlexander Culafi
MAY 6, 2026
4 MIN READ
Want more Dark Reading stories in your Google search results?
Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.
SUBSCRIBE
Webinars
The Frontier AI Era: Why Cybersecurity Must Move at Machine Speed
TUESDAY, JUNE 23, 2026 1:00 PM EDT
Build vs. Buy: The Hidden Cost of Building Your Own AI Security Stack
THURS, JUNE 25, 2026, AT 1PM EST
Defending in the Shadow Era: When the CVE Feed Goes Dark
TUES, JUNE 16, 2026 AT 1PM EST
Building SecOps That Make the Most of Every Dollar
THURS, JULY 9, 2026 AT 1PM EST
AI-Powered Credential Security: Intelligence Without Exposure
WED, JUNE 17, 2026, AT 1PM EST
More Webinars
BLACK HAT USA | MANDALAY BAY, LAS VEGAS
The premier cybersecurity event of the year returns to Mandalay Bay with a re‑engineered, six‑day program built to ignite innovation, push boundaries, and bring the global security community together like never before. Use code: DARKREADING to save $200 on a Briefings pass or $100 on a Business pass.
GET YOUR PASS