TECHNOLOGYglobal

Trivy Supply Chain Attack Triggers Self-Spreading CanisterWorm Across 47 npm Packages

Single source

Updated 4 hours ago

First seen March 21, 2026 11:55:46

Stay on top of this story

Follow the names and topics behind it.

Add this story's key topics to your watchlist so LyscoNews can highlight related developments and future matches.

Create free account

Create a free account to sync your watchlist, saved stories, and alerts across devices.

Quick Summary

The threat actors behind the supply chain attack targeting the popular Trivy scanner are suspected to be conducting follow-on attacks that have led to the compromise of a large number of npm packages with a previously undocumented self-propagating worm dubbed CanisterWorm. The name is a reference to the fact that the malware uses an ICP canister, which refers to tamperproof smart contracts on

Perspective lens

Deeper Analysis

All coverage links (1)

The Hacker NewsRegional / Local

Trivy Supply Chain Attack Triggers Self-Spreading CanisterWorm Across 47 npm Packages

7 hours ago