New Blog: Mini Shai-Hulud "Miasma" Hits @redhat-cloud-services: 32 Packages at Risk

•

1 Jun 2026

malware npm

weavedb-warp-contracts-plugin-deploy

discovered 2026-06-03

IronWorm trojanized npm package published from compromised `asteroiddao` account.

Threat types

credential_stealer worm data_exfiltration

Malicious versions

1.0.11

Campaigns

IronWormattributed-to