SlowMist(@SlowMist_Team):We recently issued an alert regarding the active supply chain attack targeting the foundational Node.js library node-ipc (malicious versions: 9.1.6, 9.2.3, 12.0.1). ✍️We have now published a detailed technical analysis covering the attack background, payload deobfuscation, credential stealing & DNS tunneling exfiltration, trigger mechanisms, and remediation recommendations. 📖 Full Analysis:

SlowMist

@SlowMist_Team

SlowMist is a Blockchain security firm established in 2018, providing services such as security audits, security consultants, red teaming, and more.

Joined April 2018

405 Following 88.5K Followers

SlowMist@SlowMist_Team

2026.05.16 11:03

We recently issued an alert regarding the active supply chain attack targeting the foundational Node.js library node-ipc (malicious versions: 9.1.6, 9.2.3, 12.0.1). ✍️We have now published a detailed technical analysis covering the attack background, payload deobfuscation, credential stealing & DNS tunneling exfiltration, trigger mechanisms, and remediation recommendations. 📖 Full Analysis: