Trivy Supply-Chain Compromise Spawns CanisterWorm, the First npm Worm to Use Blockchain for Command and Control
Attackers hijacked 75 of 76 version tags in the widely used trivy-action GitHub Action to steal CI/CD credentials, then deployed a self-propagating npm worm that uses the Internet Computer Protocol as a command-and-control channel that cannot be taken down.