Slow Fog: The new Rust supply chain malicious activity IronWorm is attacking the Web3 ecosystem through npm packages
By: rootdata|2026/06/05 04:45:01
0
Share
According to SlowMist monitoring, a new type of Rust supply chain malware activity named IronWorm is attacking developer environments and the Web3 ecosystem through malicious npm packages. Potential attack behaviors include credential theft, wallet mnemonic and password theft, GitHub repository tampering, malicious package publishing, CI/CD secret leakage, Tor-based command control, and eBPF rootkit stealth.
Security teams should audit the repository for backtracked commits, suspicious branches, unexpected build hooks, and commits from automated identities such as claude, dependabot, renovate, or github-actions. It is recommended to remove or deprecate affected package versions, publish clean versions, rotate all leaked keys and tokens, review GitHub Actions artifacts, and rebuild potentially compromised development or CI systems from clean images.
You may also like
Will MicroStrategy fall into a death spiral? What will the macro trend be in the second half of the year?
The cryptocurrency industry may gradually shift from the hype of native altcoins to real asset tokenization, on-chain machine economy, and a more mature industrialization phase.
Blockchain Capital Partner: The Core Secret of Arbitrage
On cold starts, breaking the circle, and the toughest hurdle for founders to overcome.
STRC unanchored by 11%, can the perpetual motion machine of Strategy still operate?
Beyond the leverage crunch, what is even more concerning is the liquidity reserves of the Strategy.
Bitcoin Market Analysis 2026: Can BTC Reach $150K by Year-End?
Bitcoin price prediction 2026: Can BTC hit $150,000 by year-end? Explore Fed policy, Kevin Warsh's stance, Bitcoin ETF flows, exchange data, and BTC market forecasts.
Bitcoin ETF Outflows Hit a Record $4.4 Billion: What Are Traders Doing With Their Cash?
Bitcoin ETFs lost $4.4 billion over 13 trading days, raising questions about market sentiment and Bitcoin's bottom. Here's what Standard Chartered is watching and how traders are managing idle stablecoin balances during uncertain markets.
WEEX App Just Got Smarter – New Tabs for Faster Trades & Easy Asset Management
Discover WEEX App’s new trading tabs: Futures, TradFi, Copy Trade (users)/ Elite Trade (lead traders) on the same page. Solve messy navigation, find opportunities faster, and manage all trades in one place.
WEEX All-New Search Features: Find, Trade & Earn Faster Than Ever
Supercharged search is here! Discover WEEX’s upgraded Search features with hot events, new listings, live market sentiment, and one-click trading. Trade smarter, seize every opportunity.
Morning Report | Illinois signs the strictest digital asset tax law in the U.S.; RWA tokenization market size surpasses $43 billion, institutions accelerate the migration of on-chain assets
Overview of Important Market Events on June 17
Full version of the debut Q&A! Federal Reserve Chairman Waller: Sticking to the 2% inflation target, establishing five special working groups, individual did not submit the dot plot
Federal Reserve Chairman Waller's debut featured a significant slimming statement, the cancellation of forward guidance, refusal to submit the dot plot, and the establishment of five working groups, vowing to uphold the 2% inflation target, which triggered a sharp decline in U.S. stocks and a surge ...
From Disruptor to Shadow Market: The Crypto Market is Becoming a Colony of Traditional Finance
"Coin-stock linkage" has evolved from the early stage of macro correlation and one-way penetration of emotional funds to the current 3.0 stage, where on-chain perpetual contracts provide extended trading hours and emotional signal value for traditional assets 24/7, and participate in Pre-IPO pricing...
Dalio's important long article: How to position in the current market environment?
Do not confuse the excitement for new technologies with whether those tech stocks are attractive.
OKX Star analyzes Binance's competitive advantages: when regulation levels the playing field, competition has just begun
OKX founder Star published a lengthy article, systematically analyzing Binance's competitive advantages over the years: regulatory arbitrage, speculative narrative cycles, social media control, and superficial compliance, stating that the essence of these advantages is not product capability, but ra...
New gameplay for participating in initial offerings on cryptocurrency exchanges
In this competition for cutting-edge assets, what has always been truly scarce is not the technology, but the underlying equity itself.
Why Is Bitcoin Down Today? What the Hawkish FOMC Means for SpaceX, Gold and Nasdaq
Why is Bitcoin down today? A hawkish FOMC pressured crypto and gold, while SpaceX surged to a $2.5 trillion valuation and Nasdaq gained attention. Here's what happened and why traders are looking beyond Bitcoin.
DeepSeek Financing Story
DeepSeek's financing insider information exposed: "Four-hour meeting" fully demonstrates Liang Wenfeng's determination for AGI, over a hundred institutions involved, Sequoia and Hillhouse rarely absent, not poaching talent is the hardest red line.
Morning Report | DeepSeek completes over $7 billion in financing, with a valuation exceeding $50 billion; Musk's personal wealth has surpassed the total market value of Bitcoin
Overview of Important Market Events on June 16
Cursor, why did you get on Musk's spaceship?
SpaceX set a record with its IPO, spending a staggering $60 billion to acquire the popular AI programming unicorn Cursor just four days later. Musk is using the ultimate puzzle of "super computing power + top coding engine" to propel the market value skyrocketing, surpassing Amazon in one fell swoop...
In the name of charity, for the benefit of the family: How the Trump family turned charity into profit?
This set of "beautiful rhetoric and value return to one's own people" has not stopped at charitable foundations; it has now almost been transferred intact to American Bitcoin.
Will MicroStrategy fall into a death spiral? What will the macro trend be in the second half of the year?
The cryptocurrency industry may gradually shift from the hype of native altcoins to real asset tokenization, on-chain machine economy, and a more mature industrialization phase.
Blockchain Capital Partner: The Core Secret of Arbitrage
On cold starts, breaking the circle, and the toughest hurdle for founders to overcome.
STRC unanchored by 11%, can the perpetual motion machine of Strategy still operate?
Beyond the leverage crunch, what is even more concerning is the liquidity reserves of the Strategy.
Bitcoin Market Analysis 2026: Can BTC Reach $150K by Year-End?
Bitcoin price prediction 2026: Can BTC hit $150,000 by year-end? Explore Fed policy, Kevin Warsh's stance, Bitcoin ETF flows, exchange data, and BTC market forecasts.
Bitcoin ETF Outflows Hit a Record $4.4 Billion: What Are Traders Doing With Their Cash?
Bitcoin ETFs lost $4.4 billion over 13 trading days, raising questions about market sentiment and Bitcoin's bottom. Here's what Standard Chartered is watching and how traders are managing idle stablecoin balances during uncertain markets.
WEEX App Just Got Smarter – New Tabs for Faster Trades & Easy Asset Management
Discover WEEX App’s new trading tabs: Futures, TradFi, Copy Trade (users)/ Elite Trade (lead traders) on the same page. Solve messy navigation, find opportunities faster, and manage all trades in one place.
Customer Support:@weikecs
Business Cooperation:@weikecs
Quant Trading & MM:bd@weex.com
VIP Program:support@weex.com
