According to CoinWorld, SlowMist has detected a new type of Rust supply chain malware, Ironworm, which is using malicious npm packages to attack developer environments and the web3 ecosystem. Attacks include credential theft, wallet mnemonic phrase and password theft, GitHub repository tampering, malicious package distribution, CI/CD confidentiality leaks, Tor-based command control, and eBPF rootkit stealth. Security teams need to review backtracking commits, suspicious branches, accidental build hooks, and automated identity submissions.