AttackFeed by Joe Wagner | Self-Propagating Supply Chain Worm Hijacks npm Packages to Steal Developer Tokens  - The Hacker News

Self-Propagating Supply Chain Worm Hijacks npm Packages to Steal Developer Tokens  – The Hacker News

Posted on By [email protected] (The Hacker News) No Comments on Self-Propagating Supply Chain Worm Hijacks npm Packages to Steal Developer Tokens  – The Hacker News
Attack Feeds

Cybersecurity researchers have flagged a fresh set of packages that have been compromised by bad actors to deliver a self-propagating worm that spreads through stolen developer npm tokens.
The supply chain worm has been detected by both Socket and StepSecurity, with the companies tracking the activity under the name CanisterSprawl owing to the use of an ICP canister to exfiltrate the stolen data  –

Read More  – The Hacker News 

You may also like

AttackFeed by Joe Wagner | Iran-Linked Password-Spraying Campaign Targets 300+ Israeli Microsoft 365 Organizations  - The Hacker News
Attack Feeds
Iran-Linked Password-Spraying Campaign Targets 300+ Israeli Microsoft 365 Organizations  – The Hacker News
April 6, 2026
AttackFeed by Joe Wagner | Researchers Say Fiverr Left User Files Open to Google Search  - Hackread – Cybersecurity News, Data Breaches, AI and More
Attack Feeds
Researchers Say Fiverr Left User Files Open to Google Search  – Hackread – Cybersecurity News, Data Breaches, AI and More
April 16, 2026
AttackFeed by Joe Wagner | The MSP Guide to Using AI-Powered Risk Management to Scale Cybersecurity  - The Hacker News
Attack Feeds
The MSP Guide to Using AI-Powered Risk Management to Scale Cybersecurity  – The Hacker News
March 6, 2026
AttackFeed by Joe Wagner | Critical cPanel Authentication Vulnerability Identified — Update Your Server Immediately  - The Hacker News
Attack Feeds
Critical cPanel Authentication Vulnerability Identified — Update Your Server Immediately  – The Hacker News
April 29, 2026

Leave a Reply