IronWorm npm Supply-Chain Worm Uses eBPF Rootkit
JFrog Security disclosed IronWorm, a Rust-based npm information-stealing worm found in 36 package versions. It uses an eBPF rootkit and Tor for stealth and propagates through stolen credentials and trusted publishing workflows.