https://cybercrime.club/tags/web3/Infrastructure security news for people who build infrastructure.Hugo -- gohugo.ioen-usThu, 04 Jun 2026 23:08:59 -0400https://cybercrime.club/posts/ironworm-rust-npm-worm-ebpf-rootkit-tor-c2/Thu, 04 Jun 2026 23:08:59 -0400https://cybercrime.club/posts/ironworm-rust-npm-worm-ebpf-rootkit-tor-c2/JFrog dissected IronWorm, a self-replicating npm supply-chain worm written in Rust that hides behind an eBPF kernel rootkit, beacons over Tor, and steals 86 env vars and 20+ credential files. 36 packages hit before it was caught.supply-chain