Security · 1h ago
New npm Worms Bypass --ignore-scripts via Phantom Gyp
The Miasma worm uses a 'Phantom Gyp' technique to bypass npm's --ignore-scripts defense by embedding malicious code in binding.gyp files. This allows shell payload execution during package installation, even when scripts are disabled. The attack targets developer workstations and CI/CD pipelines.
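As an added, defender-side example that is not from the article or the Miasma reporting: a small Node script that scans a binding.gyp for the two places gyp itself will run a command during a native build, `actions` blocks and `<!(...)` / `<!@(...)` command expansions, so a CI gate can flag packages that carry them. The sample binding.gyp is constructed and makes no claim about what the worm's files actually contain.

```javascript
// Added example, not code from the article. gyp files use Python literal syntax
// (single quotes, '#' comments, trailing commas), so loosen them into JSON first.
function parseGyp(text) {
  const json = text
    .replace(/#.*$/gm, '')                                   // strip '#' comments
    .replace(/'([^']*)'/g, (_, s) =>                          // 'x' -> "x"
      '"' + s.replace(/\\/g, '\\\\').replace(/"/g, '\\"') + '"')
    .replace(/,\s*([}\]])/g, '$1');                          // drop trailing commas
  return JSON.parse(json);
}

// gyp evaluates "<!(cmd)" and "<!@(cmd)" by running cmd when it generates
// the build files, i.e. before any compiler is even invoked.
const CMD_EXPANSION = /<!@?\(/;

// Walk the parsed file and collect every place a command would be executed.
function findShellExecution(gypText) {
  const findings = [];
  const walk = (node, path) => {
    if (typeof node === 'string') {
      if (CMD_EXPANSION.test(node)) {
        findings.push({ path, kind: 'command-expansion', value: node });
      }
    } else if (Array.isArray(node)) {
      node.forEach((v, i) => walk(v, `${path}[${i}]`));
    } else if (node && typeof node === 'object') {
      for (const [k, v] of Object.entries(node)) {
        if (k === 'action' && Array.isArray(v)) {        // an actions[].action entry
          findings.push({ path: `${path}.${k}`, kind: 'action', value: v.join(' ') });
        } else {
          walk(v, `${path}.${k}`);
        }
      }
    }
  };
  walk(parseGyp(gypText), '$');
  return findings;
}

// Constructed sample: a normal-looking addon with one expansion and one action.
const SAMPLE_GYP = `{
  'targets': [ {
    'target_name': 'addon',
    'sources': [ 'src/addon.cc' ],
    # constructed: the command inside <!( ) runs at gyp generation time
    'include_dirs': [ "<!(node -e \\"console.log(process.cwd())\\")" ],
    'actions': [ {
      'action_name': 'prebuild', 'inputs': [], 'outputs': [ 'stamp' ],
      'action': [ 'sh', '-c', 'echo constructed-sample' ],
    }, ],
  }, ],
}`;

console.log(findShellExecution(SAMPLE_GYP));
```

Run this over every `binding.gyp` in a freshly installed `node_modules` and treat any finding in a dependency that has no reason to run commands as a review item.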
Meridian48 take
The article highlights a clever evasion, but the real story is how supply chain attacks keep outpacing standard defenses, demanding more proactive security measures.
Read the full reporting
Docker Security Dispatch — Issue 4: Miasma, Phantom Gyp, and AI Routing 🪱️ →
DEV Community
npm-worm · supply-chain-security