> TritonInfoSec News
Home / Apr 23, 2026 / Story
0
#10 The Hacker News general April 22, 2026 at 17:33 UTC

Self-Propagating Supply Chain Worm Hijacks npm Packages to Steal Developer Tokens

By [email protected] (The Hacker News)

AI Summary

Socket detected a self-propagating supply chain worm called CanisterSprawl that hijacks npm packages to steal developer tokens and automatically spreads through the ecosystem. The worm uses stolen npm tokens to publish new malicious packages and exfiltrates data through an Internet Computer Protocol canister for persistence.

Read full article → https://thehackernews.com/2026/04/self-propagating…

Relevance score: 72.0/100

# More from April 23

  1. 1
    Lotus Wiper Malware Targets Venezuelan Energy Systems in Destructive Attack The Hacker News
  2. 2
    Kyber ransomware gang toys with post-quantum encryption on Windows BleepingComputer
  3. 3
    Microsoft releases emergency patches for critical ASP.NET flaw BleepingComputer
  4. 4
    New Mirai campaign exploits RCE flaw in EoL D-Link routers BleepingComputer
  5. 5
    New npm supply-chain attack self-spreads to steal auth tokens BleepingComputer
  6. 6
    Hackers deployed wiper malware in destructive attacks on Venezuela’s energy sector The Record
  7. 7
    New GoGra malware for Linux uses Microsoft Graph API for comms BleepingComputer
  8. 8
    Over 1,300 Microsoft SharePoint servers vulnerable to spoofing attacks BleepingComputer
  9. 9
    Mustang Panda’s New LOTUSLITE Variant Targets India Banks, South Korea Policy Circles The Hacker News