
IronWorm and Miasma Signal a New Phase in npm Supply-Chain Warfare
IronWorm and Miasma demonstrate automated, self-propagating npm supply-chain attacks that leverage stolen AI and cloud credentials, eBPF rootkits, and GitHub Actions abuse—exposing systemic dependency security failures beyond what initial disclosures captured.
The recent npm campaigns involving IronWorm and a revived Miasma variant expose structural weaknesses in the JavaScript ecosystem that extend far beyond isolated package poisoning. JFrog's analysis shows IronWorm's Rust ELF binary, delivered through trojanized packages from the compromised asteroiddao account, scrapes 86 environment variables while embedding an eBPF rootkit to conceal its presence. This payload then weaponizes stolen credentials to push malicious commits across nine GitHub organizations, mimicking Anthropic's Claude identity to lower developer suspicion. Unlike earlier credential-harvesting attempts, IronWorm closes the loop by abusing npm Trusted Publishing to mint short-lived tokens for further propagation without external C2 infrastructure.

Endor Labs' and StepSecurity's documentation of the parallel Miasma resurgence, which compromised 57 packages in 286 versions, reveals the same self-replicating pattern seen in the earlier @redhat-cloud-services cluster that spread in under 72 seconds. These operations target high-value AI and cloud secrets—OpenAI Codex, Anthropic, AWS, and Kubernetes configurations—while deliberately skipping the attacker's own Exodus wallet, indicating operational discipline rather than opportunistic theft.

Mainstream reporting understates the escalation: previous worms such as Shai-Hulud relied on manual credential reuse, whereas IronWorm automates GitHub Actions workflow replacement and kernel-level hiding. The convergence of Rust malware, eBPF evasion, and automated repository injection marks a shift from opportunistic abuse to engineered persistence within the developer toolchain. Persistent gaps in dependency verification and the absence of mandatory provenance checks for npm packages continue to enable this class of attack, allowing threat actors to treat open-source registries as both initial access vector and amplification platform.
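Two of the weaknesses the campaign exploits, workflow replacement and Trusted Publishing token minting, are visible in a repository's own workflow files, so a defender can audit for them before a compromised package ever runs. The script below is an added example written for this brief; it is not code from JFrog, Endor Labs, StepSecurity or the article, and the workflow it scans is a constructed sample, not a file from any affected project. It flags two things: `uses:` references that are pinned to a mutable tag or branch instead of a full commit SHA (a replaced or retagged action is invisible to a tag pin), and any job that grants `id-token: write`, the GitHub OIDC permission that npm Trusted Publishing relies on and that therefore deserves a tight trigger and review on every change. It is a line-based scan, so it needs no YAML parser.

```python
import re
from typing import Dict, List

# Constructed sample workflow for the audit below. It is not taken from the
# article or from any real repository; it mixes one SHA-pinned action with
# one tag-pinned action and grants the OIDC permission Trusted Publishing uses.
SAMPLE_WORKFLOW = """\
name: publish
on:
  push:
    tags: ['v*']
permissions:
  contents: read
  id-token: write
jobs:
  publish:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - uses: actions/setup-node@8f152de45cc7a2a0dfb8e3a2c1ea6c4a5fbb3d55
      - run: npm ci
      - run: npm publish --provenance
"""

# A git ref is considered pinned only if it is a full 40-hex commit SHA.
SHA_PIN = re.compile(r"^[0-9a-f]{40}$")
# Matches step-level and job-level `uses:` lines (actions and reusable workflows).
USES_RE = re.compile(r"^\s*-?\s*uses:\s*([^\s#]+)")
# Matches the permission that lets a job request a GitHub OIDC token.
IDTOKEN_RE = re.compile(r"^\s*id-token:\s*write\b")


def audit_workflow(text: str) -> Dict[str, List[str]]:
    """Return the unpinned action references and id-token grants found in a workflow."""
    findings: Dict[str, List[str]] = {"unpinned_actions": [], "id_token_write": []}
    for lineno, line in enumerate(text.splitlines(), 1):
        m = USES_RE.match(line)
        if m:
            ref = m.group(1)
            # Local (./path) and docker:// references carry no git ref to pin.
            if ref.startswith("./") or ref.startswith("docker://"):
                continue
            _, _, version = ref.partition("@")
            if not SHA_PIN.match(version):
                findings["unpinned_actions"].append(f"line {lineno}: {ref}")
        if IDTOKEN_RE.match(line):
            findings["id_token_write"].append(f"line {lineno}")
    return findings


def needs_review(findings: Dict[str, List[str]]) -> bool:
    """True when a workflow both mints OIDC tokens and runs code it does not pin."""
    return bool(findings["id_token_write"]) and bool(findings["unpinned_actions"])


if __name__ == "__main__":
    result = audit_workflow(SAMPLE_WORKFLOW)
    for key, items in result.items():
        print(f"{key}:")
        for item in items:
            print(f"  {item}")
    print("needs review:", needs_review(result))
```

Run it over every file under `.github/workflows/` and treat a `needs_review` hit as a gate: a workflow that can obtain an OIDC token for publishing should only execute actions whose exact commit is known, and any diff that touches its `uses:` lines or its `permissions:` block should be reviewed by a human rather than merged by an automated committer.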
[SENTINEL]: Continued absence of mandatory package signing and runtime provenance will allow similar Rust-based worms to achieve weeks-long dwell time in CI pipelines before detection.
Sources (3)
- [1] [Primary Source](https://thehackernews.com/2026/06/ironworm-and-new-miasma-worm-variant.html)
- [2] [JFrog Security Research: IronWorm Supply Chain Campaign](https://jfrog.com/blog/ironworm-npm-attack/)
- [3] [Endor Labs & StepSecurity: Miasma Worm Resurgence Report](https://endorlabs.com/blog/miasma-npm-campaign-2026)