
IronWorm and New Miasma Worm Variant Hit npm in Supply Chain Attacks

thehackernews.com 2026-06-05 AI supply chain Critical

What Happened

Multiple software supply chain attacks have hit the npm ecosystem, with threat actors using both malicious and poisoned versions of over 50 legitimate packages to distribute a Rust-based information stealer and a self-spreading worm, respectively. According to JFrog, the information stealer "scrapes every secret it can find on a developer's machine, hides behind an eBPF kernel rootkit, and

Why It Matters

The article describes two coordinated npm software supply chain attacks: IronWorm, a Rust-based stealer that hides behind an eBPF rootkit and self-propagates via trojanized npm packages, and a new Miasma worm variant that abuses npm install hooks (including binding.gyp) to spread across dozens of packages and maintainer accounts.[1][3] According to JFrog and StepSecurity, the malware aggressively harvests secrets from developer machines and CI/CD systems, including credentials and configuration files for AI coding assistants and AI-related services such as OpenAI, Anthropic/Claude, Google Gemini, and Vapi.ai SDKs, then uses the stolen tokens to backdoor more projects and registries.[1][3] From a CyberSE.AI perspective, this is a critical AI software supply chain risk because compromise of npm dependencies used by AI agents, SDKs, or AI-assisted IDE workflows can silently exfiltrate AI API keys, training data access tokens, and CI/CD secrets, enabling downstream model abuse and tampering. Organizations should implement SBOM-based dependency inventory, strict npm and CI/CD hardening, and continuous red teaming of AI development pipelines to detect malicious install-time behavior and
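The install hooks named above (npm lifecycle scripts and `binding.gyp`) can be inventoried before anything executes them. The following Node.js code is an added example, not code from JFrog, StepSecurity or the original article; the function names `installTimeFindings`, `scanNodeModules` and `auditSample` are hypothetical, and the packages in `SAMPLE` are constructed for illustration.

```javascript
const INSTALL_HOOKS = ['preinstall', 'install', 'postinstall']; // run by npm on install

// Classify one package from its parsed package.json and its root file names.
function installTimeFindings(manifest, rootFiles) {
  const scripts = manifest?.scripts ?? {};
  const findings = INSTALL_HOOKS
    .filter((h) => typeof scripts[h] === 'string' && scripts[h].trim() !== '')
    .map((h) => ({ hook: h, command: scripts[h] }));
  // No install/preinstall script + root binding.gyp: npm defaults to node-gyp rebuild.
  if (rootFiles.includes('binding.gyp') && !scripts.install && !scripts.preinstall) {
    findings.push({ hook: 'install (implicit)', command: 'node-gyp rebuild' });
  }
  return findings;
}

// Walk a node_modules tree (scoped and nested packages included).
function scanNodeModules(dir) {
  const fs = require('node:fs'), path = require('node:path'); // loaded lazily
  let entries;
  try { entries = fs.readdirSync(dir); } catch { return []; } // missing or not a directory
  const report = [];
  for (const entry of entries) {
    if (entry.startsWith('.')) continue;
    const full = path.join(dir, entry);
    if (entry.startsWith('@')) { report.push(...scanNodeModules(full)); continue; }
    let manifest;
    try { manifest = JSON.parse(fs.readFileSync(path.join(full, 'package.json'), 'utf8')); }
    catch { continue; } // not a package, or unreadable manifest
    const findings = installTimeFindings(manifest, fs.readdirSync(full));
    if (findings.length) report.push({ name: manifest?.name || entry, findings });
    report.push(...scanNodeModules(path.join(full, 'node_modules')));
  }
  return report;
}

// Constructed sample packages (hypothetical names, not from the incident).
const SAMPLE = [
  { manifest: { name: 'plain-lib', scripts: { test: 'node test.js' } }, files: ['index.js'] },
  { manifest: { name: 'hooked-lib', scripts: { postinstall: 'node setup.js' } }, files: ['setup.js'] },
  { manifest: { name: 'gyp-only-lib' }, files: ['binding.gyp', 'index.js'] },
];
const auditSample = () => SAMPLE
  .map((p) => ({ name: p.manifest.name, findings: installTimeFindings(p.manifest, p.files) }))
  .filter((r) => r.findings.length > 0);

if (typeof module !== 'undefined' && require.main === module) {
  const target = process.argv[2]; // optional path to a node_modules directory
  console.log(JSON.stringify(target ? scanNodeModules(target) : auditSample(), null, 2));
}
```

Run against a tree populated with `npm install --ignore-scripts`, the report lists what a normal install would have executed, so new or changed entries can be reviewed before scripts are allowed.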

Healthcare Fintech SaaS SMB AI startups

CyberSE Analysis

This signal maps to AI supply chain. Organizations using AI agents, LLM APIs, SaaS integrations, or sensitive data workflows should review whether this class of issue could create unauthorized tool execution, data leakage, weak approval gates, or unmanaged supply-chain exposure.

Recommended Actions

  • Restrict AI agent tool permissions and production write paths.
  • Review sensitive data access across prompts, logs, embeddings, memory, and SaaS integrations.
  • Add human approval workflows for high-impact or state-changing actions.
  • Run prompt injection and indirect prompt injection tests against affected workflows.
  • Document the owner, control gap, and remediation deadline for this risk class.

Source

https://thehackernews.com/2026/06/ironworm-and-new-miasma-worm-variant.html
