Explain IT Again
News
Trivy Supply Chain Attack Triggers Self-Spreading CanisterWorm Across 47 npm Packages
Key Findings

* TeamPCP cybercriminal group suspected behind supply chain attack
* 47 npm packages compromised across multiple scopes
* Self-propagating CanisterWorm uses ICP blockchain canister as command-and-control infrastructure
* Attack leverages npm package postinstall hooks to execute malware
* Worm can automatically spread using stolen npm authentication tokens
* Decentralized C2 infrastructure makes takedown efforts difficult

Background

The supply chain attack targets
Mar 21
2 min read