The Hacker News
@thehackernews
⚠️ WARNING - A Trivy-linked supply chain attack has escalated into a self-propagating npm worm now spreading across dozens of packages.
It steals npm tokens, republishes itself, and spreads through developer machines and CI. Uses an ICP canister to rotate payloads and resist takedowns.
�� How the worm spreads and updates payloads → https://thehackernews.com/2026/03/trivy-supply-chain-attack-triggers-self.html
It steals npm tokens, republishes itself, and spreads through developer machines and CI. Uses an ICP canister to rotate payloads and resist takedowns.
�� How the worm spreads and updates payloads → https://thehackernews.com/2026/03/trivy-supply-chain-attack-triggers-self.html
🔥 7
🤯 6
👍 4
⚡ 1
😱 1
31 10.4K
Обсуждение 0
Обсуждение не доступно в веб-версии. Чтобы написать комментарий, перейдите в приложение Telegram.
Обсудить в Telegram