AttackFeed by Joe Wagner | Trivy Supply Chain Attack Triggers Self-Spreading CanisterWorm Across 47 npm Packages  - The Hacker News

Trivy Supply Chain Attack Triggers Self-Spreading CanisterWorm Across 47 npm Packages  – The Hacker News

Posted on By [email protected] (The Hacker News)
Attack Feeds

The threat actors behind the supply chain attack targeting the popular Trivy scanner are suspected to be conducting follow-on attacks that have led to the compromise of a large number of npm packages with a previously undocumented self-propagating worm dubbed CanisterWorm.
The name is a reference to the fact that the malware uses an ICP canister, which refers to tamperproof smart contracts on  –

Read More  – The Hacker News 

You may also like

AttackFeed by Joe Wagner | Canvas hack: is it ever a good idea to pay a ransom, and what happens to the data?  - Data and computer security | The Guardian
Attack Feeds
Canvas hack: is it ever a good idea to pay a ransom, and what happens to the data?  – Data and computer security | The Guardian
May 16, 2026
AttackFeed by Joe Wagner | Hackers Exploit CVE-2025-55182 to Breach 766 Next.js Hosts, Steal Credentials  - The Hacker News
Attack Feeds
Hackers Exploit CVE-2025-55182 to Breach 766 Next.js Hosts, Steal Credentials  – The Hacker News
April 2, 2026
AttackFeed by Joe Wagner | Three China-Linked Clusters Target Southeast Asian Government in 2025 Cyber Campaign  - The Hacker News
Attack Feeds
Three China-Linked Clusters Target Southeast Asian Government in 2025 Cyber Campaign  – The Hacker News
March 30, 2026
AttackFeed by Joe Wagner | Trivy Supply Chain Attack Triggers Self-Spreading CanisterWorm Across 47 npm Packages  - The Hacker News
Attack Feeds
All AI and Security Teams Need Transparent Data Pipelines  – Hackread – Cybersecurity News, Data Breaches, AI and More
March 24, 2026