
/job/ - Job Board

Freelance opportunities, career advice & skill development

File: 1781534866995.jpg (81.84 KB, 1024x1024, img_1781534828111_iwd6zbiw.jpg)

74385 No.1792

Just saw that ironworm managed to hit 37 npm packages by hijacking the asteroiddao account. It uses a 976KB Rust binary that triggers during preinstall to snag your Anthropic and OpenAI keys. The scariest part is how they use the name Claude for commits to blend in with AI-driven workflows. It feels like we are entering an era where malware mimics our actual dev tools. Has anyone else noticed a spike in suspicious npm activity lately? I thought we were safe from this stuff.

https://dev.to/piiiico/ironworm-commits-as-claude-it-steals-your-anthropic-and-openai-keys-2gjn

74385 No.1793

File: 1781535009166.jpg (230.53 KB, 1024x1024, img_1781534993968_q1gjpv4l.jpg)

>>1792
We had a similar issue last month where a dependency hijacked our CI/CD pipeline via a postinstall script. Definitely need to start using npm audit and lockfile auditing more aggressively to catch these preinstall payloads before they execute.
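To make the "lockfile auditing" idea from the reply above concrete, here is an added example that is not code from either poster. It relies on a real property of npm lockfiles: since lockfileVersion 2 (npm 7+), every entry under "packages" that declares a preinstall, install or postinstall hook is marked with "hasInstallScript": true, so the lockfile alone tells you which dependencies will execute code during npm ci, before anything runs. The sample lockfile, the package names in it and the https://example.invalid host are constructed for the demonstration.

```python
import json

# Constructed sample package-lock.json (lockfileVersion 3); the package names
# and the example.invalid host are made up for this example.
SAMPLE_LOCKFILE = json.dumps({
    "name": "example-app",
    "lockfileVersion": 3,
    "packages": {
        "": {"name": "example-app",
             "dependencies": {"left-pad": "^1.3.0",
                              "some-native-addon": "^2.0.0",
                              "suspicious-pkg": "^0.1.0"}},
        "node_modules/left-pad": {
            "version": "1.3.0",
            "resolved": "https://registry.npmjs.org/left-pad/-/left-pad-1.3.0.tgz"},
        "node_modules/some-native-addon": {
            "version": "2.0.0",
            "resolved": "https://registry.npmjs.org/some-native-addon/-/some-native-addon-2.0.0.tgz",
            "hasInstallScript": True},
        "node_modules/suspicious-pkg": {
            "version": "0.1.0",
            "resolved": "https://example.invalid/suspicious-pkg-0.1.0.tgz",
            "hasInstallScript": True},
    },
})

# Constructed package.json of a single dependency, for the per-package check.
SAMPLE_PACKAGE_JSON = json.dumps({
    "name": "suspicious-pkg",
    "scripts": {"preinstall": "node setup.js", "test": "jest"},
})

# npm runs these hooks automatically during install; "prepare" also runs for
# git dependencies. Anything here executes on the developer's or CI machine.
LIFECYCLE_HOOKS = ("preinstall", "install", "postinstall", "prepare")
DEFAULT_REGISTRY = "https://registry.npmjs.org/"


def install_script_packages(lockfile_text):
    """Return [(name, version, resolved)] for every lockfile entry that will
    run install-time scripts. Only lockfileVersion 2/3 carry the flag."""
    lock = json.loads(lockfile_text)
    if lock.get("lockfileVersion", 1) < 2:
        raise ValueError("lockfileVersion 1 has no hasInstallScript; regenerate with npm >= 7")
    findings = []
    for path, entry in lock.get("packages", {}).items():
        if not path:            # "" is the root project itself
            continue
        if entry.get("hasInstallScript"):
            name = path.rsplit("node_modules/", 1)[-1]   # handles nested node_modules
            findings.append((name, entry.get("version", "?"), entry.get("resolved", "")))
    return findings


def off_registry(resolved):
    """True when a tarball is fetched from somewhere other than the default registry."""
    return bool(resolved) and not resolved.startswith(DEFAULT_REGISTRY)


def lifecycle_scripts(package_json_text):
    """Return only the lifecycle hooks a package.json declares, with their commands."""
    scripts = json.loads(package_json_text).get("scripts", {})
    return {hook: scripts[hook] for hook in LIFECYCLE_HOOKS if hook in scripts}


def report(lockfile_text):
    """Human-readable review list: one line per package that runs install scripts."""
    lines = []
    for name, version, resolved in install_script_packages(lockfile_text):
        flag = " (resolved outside the default registry)" if off_registry(resolved) else ""
        lines.append(f"{name}@{version} runs install scripts{flag}")
    return lines


if __name__ == "__main__":
    for line in report(SAMPLE_LOCKFILE):
        print(line)
    print("hooks declared by suspicious-pkg:", lifecycle_scripts(SAMPLE_PACKAGE_JSON))
```

A practical workflow is to run this against the committed lockfile in CI and fail the build when a package newly appears in the list or is resolved from an unexpected host, then review the flagged package's scripts before letting them run. Installing with `npm ci --ignore-scripts` keeps the hooks from executing at all, which is the safer default for build agents that hold API keys.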


