Rust-Based 'IronWorm' Malware Targets NPM Supply Chain for Credential Theft

A malware campaign dubbed 'IronWorm,' written in Rust, has targeted the NPM supply chain to compromise developers and steal credentials. The attack reuses stolen credentials to propagate further across the software supply chain. No specific dates, affected package names, CVE IDs, or victim counts were disclosed in the report. The primary impact involves credential theft and lateral movement within development environments. The campaign draws parallels to the fictional 'Shai-Hulud' for its propagation tactics. Technical details about the Rust-based malware or its exact infection vector remain unspecified.