New IronWorm Malware Hits 36 Packages In npm Supply-Chain Attack

A new npm supply-chain attack has infected 36 packages with Rust-based infostealer malware called IronWorm. According to BleepingComputer, the malware "targets 86 environment variables (key-value pairs) and 20 credential files that may contain OpenAI, AWS, Anthropic, and npm credentials, vault configuration files, SSH keys, and Exodus cryptocurrency wallet files." From the report: According to researchers at supply-chain and devops company JFrog, IronWorm is written in Rust, hides behind an eBPF

Used Waymo Robotaxi Batteries Become Backup Storage For Power Grids

Bees Can Use Tools To Solve Problems, Study Finds

Anthropic Urges Global Pause in AI Development, Flags 'Self-Improvement' Risk

Companies Are Using Reddit To Manipulate ChatGPT and Google AI Search

Meta Keeps Delaying the Release of Its New AI Model to Developers

LinkedIn China Spying Threat Prompts Warning From US, Allies

Supreme Court Sides With Trump Administration On Federal Regulation of Telecom Companies

Samsung Ditches New Jersey For Texas, Costing Garden State 1,000 Jobs

Apple Is Bringing Age Verification To Texas This Week

Google Ordered To Put Clearer Links In AI Search, Let UK Publishers Opt Out

NASA Says Goodbye to Its Longtime Mars MAVEN Mission

Amazon's New Stargate Series Is Officially Dead

Demand Is Booming For New No Tech, Repairable Tractor

Fedora Linux 43 Exposes 20-Year-Old Microsoft Outlook Security Failure

New IronWorm Malware Hits 36 Packages In npm Supply-Chain Attack

ICT news