Self-Propagating Supply Chain Worm Hijacks Npm Packages to Steal Developer Tokens

Cybersecurity researchers have identified a self-propagating supply chain worm named CanisterSprawl that compromises npm packages to steal developer tokens and credentials, spreading by injecting malicious postinstall hooks into affected packages. The worm exfiltrates sensitive data from developer environments, including npm configuration files, cloud credentials, SSH keys, and browser data, to push poisoned package versions and expand its reach, posing significant risks to open-source supply chains.

https://thehackernews.com/2026/04/self-propagating-supply-chain-worm.html

Leave a Comment

Your email address will not be published. Required fields are marked *

Scroll to Top