Robuta

https://gbhackers.com/canisterworm-hijacks-npm/
CanisterWorm Hijacks npm Publisher Accounts, Steals Tokens
Mar 23, 2026 - A highly automated npm supply chain campaign, dubbed “CanisterWorm,” in which threat actors steal npm access tokens and weaponize legitimate publisher accounts...

https://thehackernews.com/2026/03/trivy-supply-chain-attack-triggers-self.html
Trivy Supply Chain Attack Triggers Self-Spreading CanisterWorm Across 47 npm Packages
CanisterWorm infects 28 npm packages via ICP-based C2, enabling self-propagation and persistent backdoor access across developer systems.

https://www.aikido.dev/blog/teampcp-deploys-worm-npm-trivy-compromise
TeamPCP deploys CanisterWorm on NPM following Trivy compromise
Mar 21, 2026

https://krebsonsecurity.com/tag/canisterworm/
CanisterWorm – Krebs on Security

https://joripress.com/Compromised-Namastex-npm-Packages-Deliver-TeamPCP-Style-CanisterWorm-Malware
Compromised Namastex npm Packages Deliver TeamPCP-Style CanisterWorm Malware - JoriPress
Apr 23, 2026 - cybersecurity, npm, supply‑chain, malware, business risk, DefendMyBusiness