SANDWORM_MODE supply-chain worm targeting AI assistant configs

Malware Activity
Happening score: 22
1 unique source, 1 article

Summary

The SANDWORM_MODE worm is spreading through malicious npm packages, stealing developer and CI credentials and injecting rogue MCP servers into AI assistant configurations. It also harvests API keys for multiple large language model providers, widening the blast radius beyond software dependencies. The operation uses typosquatting, compromised npm/GitHub accounts, and staged payloads to reach developers and CI environments. Anyone who installed affected packages faces secret theft, repository tampering, and downstream account compromise risk.

Related Happenings

Malware-Slop malicious npm file-theft campaign

Campaign
First: 27.05.2026 18:44 Last: 27.05.2026 18:44 Sources 1

About this happening: The **Malware-Slop** campaign is distributing a malicious **npm** package that steals local files from installers, creating an unauthorized data-transfer risk for users of **Anthr...

Mouse5212-super-formatter postinstall GitHub exfiltration package

Malware Activity
First: 27.05.2026 18:44 Last: 27.05.2026 18:44 Sources 1

About this happening: The **mouse5212-super-formatter** npm package is a **malicious infostealer** that can siphon files from **/mnt/user-data**, putting **Anthropic Claude** user data at risk of unaut...

GlassWorm supply-chain malware activity

Malware Activity
First: 27.05.2026 14:48 Last: 27.05.2026 14:48 Sources 1

About this happening: The **GlassWorm** malware activity is now under a coordinated **C2 disruption**, reducing its ability to deliver new instructions and payloads to infected developer systems. The o...

TrapDoor trap-core.js credential-stealing package malware

Malware Activity
First: 25.05.2026 08:59 Last: 25.05.2026 08:59 Sources 1

About this happening: The **TrapDoor** package malware is spreading across **npm, PyPI, and Crates.io**, putting **developer secrets, cloud credentials, SSH keys, and crypto wallets** at risk. The malw...

TrapDoor cross-ecosystem supply-chain campaign

Campaign
First: 25.05.2026 08:59 Last: 25.05.2026 08:59 Sources 1

About this happening: The **TrapDoor** supply-chain campaign has expanded across **npm, PyPI, and Crates.io**, using **34+ malicious packages** to steal developer secrets and credentials. The operation...

Timeline

  1. 23.02.2026 18:00 2 articles · 3mo ago

    SANDWORM_MODE supply-chain worm disclosed

    Initial Disclosure

    Socket's Threat Research Team disclosed SANDWORM_MODE as a Shai-Hulud-like supply-chain worm spreading through at least 19 malicious npm packages published under the aliases official334 and javaorg. The malware used typosquatting and a concealed multi-stage payload to steal developer and CI credentials, inject rogue MCP servers into AI assistant configurations such as Claude Desktop, Cursor, VS Code Continue and Windsurf, and harvest API keys for nine large language model providers. Socket also said it notified npm, GitHub and Cloudflare, and that Cloudflare disabled associated infrastructure, npm removed the malicious packages, and GitHub dismantled related repositories.