Slow Fog: The new Rust supply chain malicious activity IronWorm is attacking the Web3 ecosystem through npm packages
By: rootdata|2026/06/05 04:45:01
0
Share
According to SlowMist monitoring, a new type of Rust supply chain malware activity named IronWorm is attacking developer environments and the Web3 ecosystem through malicious npm packages. Potential attack behaviors include credential theft, wallet mnemonic and password theft, GitHub repository tampering, malicious package publishing, CI/CD secret leakage, Tor-based command control, and eBPF rootkit stealth.
Security teams should audit the repository for backtracked commits, suspicious branches, unexpected build hooks, and commits from automated identities such as claude, dependabot, renovate, or github-actions. It is recommended to remove or deprecate affected package versions, publish clean versions, rotate all leaked keys and tokens, review GitHub Actions artifacts, and rebuild potentially compromised development or CI systems from clean images.
You may also like
Get Paid to Onboard? Try WEEX’s New Homepage with Rewards for Registration, Deposit & Trade
WEEX just launched a brand new homepage and a 3-step new user onboarding guidance. Complete Registration → Deposit → Trade to earn exclusive rewards. Faster navigation, clear progress, and instant bonuses. Download the latest WEEX App to try it now.
WEEX Custom Layout: Build Your Perfect Trading Workspace in Seconds
WEEX introduces custom layout on futures trading page: left/right panel switch, hide/show core modules, full-screen focus, and one-click reset. Trade your way now.
See “Buy Walls” & “Sell Walls” Instantly: WEEX Launches the Depth Chart for Smarter Trades
Spot market liquidity at a glance. WEEX’s new Depth Chart shows you buy/sell walls, support & resistance levels, and order book depth. Perfect for large orders and scalping. Try it now on WEEX Futures.
What Is Quick Trade on WEEX? 2 Ways WEEX Ends Chart-Panel Jumping
WEEX has launched the quick trade features on futures trading, allowing you to place orders directly on the price axis. No more switching panels. 4 order units supported. Live on WEEX Futures Web.
Morning News | Five major virtual asset platforms in South Korea have experienced 57 incidents of hacking and system failures in six years; Grayscale submits registration application for Canton ETF
Overview of Important Market Events on June 7th
Should we escape the peak? The principle of the tail-end market in the stock market
The truth behind the Rockefeller escape myth: the end of the bull market is not due to overheating emotions, but rather the exhaustion of new funds. Currently, market buying volume has been concentrated and released, so it is advised to be cautious of "tail-end market trends" and gradually take prof...
RootData: May 2026 Cryptocurrency Exchange Transparency Research Report
In May, the spot trading volume of cryptocurrency exchanges was $725.7 billion, a slight decrease of 2.2% compared to April, marking the fifth consecutive month of decline since January, reflecting the overall trend of the market's continued movement.
Founder of Baixing.com: My Experience with Claude Code in Fourteen Points
Treat Claude Code as a horse (or as a person), not as a car. A car turns under its own command, while a horse has its own ideas; we just need to set the goals and boundaries.
Yang Ge Gary: Agent Economics and AI Microeconomics
After the singularity explosion, the evolution clock of AI accelerated continuously, leading to the rapid formation of new civilizational generations in different regions around the world.
When reasoning becomes a scarce resource, who captures its value?
The company that ultimately wins will not be the one with the most GPUs, but the one that can tell you which GPUs are available where and at what price, and route each workload to where it can run at the lowest cost.
Jensen Huang dramatically "rescues" the South Korean stock market
The entire industry supply chain—from wafers to packaging to silicon photonics... everything is in short supply due to such high demand. This situation will last for several years.
Stablecoins vs Deposit Tokens: On the surface, they seem like opposing sides, but in reality, they are interconnected
Great powers compete for standards, while small countries build barriers.
Bitcoin Crash to $50,000 or Bear Trap Before $100,000? Deep Dive for WEEX Traders
Is Bitcoin heading to $50k or getting ready to blast off to $100k? Check out this breakdown of liquidations, ETF flows, and whales buying the dip.
How Could the SpaceX IPO Affect Bitcoin, Altcoins season, and Crypto Liquidity?
Will the SpaceX IPO affect Bitcoin prices? Discover how SpaceX's reported BTC holdings, crypto liquidity shifts, ETF outflows, and the biggest IPO in history could impact Bitcoin and the broader crypto market.
The ambitions of Kalshi, MTS, and a16z
The prediction market may be the only field in 2025 that can collectively excite prestigious dollar fund investors, digital currency enthusiasts, and media professionals.
The AI bubble is bursting
In the clamor of the bubble, the potential of the underlying productivity is not inflated at all.
Real withdrawal is to release water: When crypto VCs position themselves in the Agent network effect
In the high-value scenario of finance, blockchain serves as an open financial testing ground, and stablecoins are the certificates for agents optimizing market processes. This is not about scale and resource investment; it is about the establishment and expansion of mechanisms.
Has the narrative of BTC as "digital gold" failed?
What truly matters is not whether it will rise, but whether you can live to see that day.
Get Paid to Onboard? Try WEEX’s New Homepage with Rewards for Registration, Deposit & Trade
WEEX just launched a brand new homepage and a 3-step new user onboarding guidance. Complete Registration → Deposit → Trade to earn exclusive rewards. Faster navigation, clear progress, and instant bonuses. Download the latest WEEX App to try it now.
WEEX Custom Layout: Build Your Perfect Trading Workspace in Seconds
WEEX introduces custom layout on futures trading page: left/right panel switch, hide/show core modules, full-screen focus, and one-click reset. Trade your way now.
See “Buy Walls” & “Sell Walls” Instantly: WEEX Launches the Depth Chart for Smarter Trades
Spot market liquidity at a glance. WEEX’s new Depth Chart shows you buy/sell walls, support & resistance levels, and order book depth. Perfect for large orders and scalping. Try it now on WEEX Futures.
What Is Quick Trade on WEEX? 2 Ways WEEX Ends Chart-Panel Jumping
WEEX has launched the quick trade features on futures trading, allowing you to place orders directly on the price axis. No more switching panels. 4 order units supported. Live on WEEX Futures Web.
Morning News | Five major virtual asset platforms in South Korea have experienced 57 incidents of hacking and system failures in six years; Grayscale submits registration application for Canton ETF
Overview of Important Market Events on June 7th
Should we escape the peak? The principle of the tail-end market in the stock market
The truth behind the Rockefeller escape myth: the end of the bull market is not due to overheating emotions, but rather the exhaustion of new funds. Currently, market buying volume has been concentrated and released, so it is advised to be cautious of "tail-end market trends" and gradually take prof...
Customer Support:@weikecs
Business Cooperation:@weikecs
Quant Trading & MM:bd@weex.com
VIP Program:support@weex.com
