A self-propagating npm supply chain worm has compromised multiple open-source packages associated with Namastex Labs, stealing secrets from developer environments. The attack shares tactics with previous CanisterWorm incidents attributed to TeamPCP. Security vendors Socket and StepSecurity are tracking ongoing malicious releases.
Another npm supply chain worm is tearing through dev environments
A self-propagating npm worm is harvesting developer credentials from Namastex Labs packages, echoing tactics from the TeamPCP-attributed CanisterWorm campaign.
Wednesday, April 22, 2026 12:00 PM UTC | 2 min read | Source: The Register | By sys://pipeline