New ‘Sandworm_Mode’ Supply Chain Attack Hits NPM
Summary
A new supply chain attack called 'Sandworm_Mode' has been discovered in NPM (Node Package Manager, a repository where developers download code libraries). The malicious code spreads automatically like a worm, corrupts AI assistants that might use the infected code, steals sensitive information, and includes a destructive mechanism that can cause damage when activated.
Original source: https://www.securityweek.com/new-sandworm_mode-supply-chain-attack-hits-npm/
First tracked: February 24, 2026 at 11:00 AM
Classified by LLM (prompt v3) · confidence: 75%