On March 20, 2026 at 20:45 UTC, Aikido Security detected an unusual pattern across the npm registry: dozens of packages from multiple organizations were receiving unauthorized patch updates, all containing the same hidden malicious code. What they had caught was CanisterWorm, a self-spreading npm worm deployed by the threat actor group TeamPCP. We track this

Security Boulevard is a leading cybersecurity news and information portal, offering articles, analysis, and insights on cybersecurity threats, vulnerabilities, and best practices. From the latest trends in cyber threats to expert commentary on security technologies and compliance frameworks, Security Boulevard provides resources for security professionals, IT leaders, and business executives seeking to protect their organizations from cyber attacks and data breaches.

Security Boulevard

CanisterWorm is a self-spreading npm worm discovered on March 20, 2026, deployed by threat actor group TeamPCP. It originated from stolen npm tokens harvested via a compromised Trivy GitHub Actions workflow. Once a developer installs an infected package, a postinstall hook steals npm tokens, installs a persistent Python backdoor via systemd (Linux only), and automatically republishes the worm under all packages the victim has publish access to. The C2 infrastructure runs on the Internet Computer Protocol (ICP), a decentralized blockchain, making it resistant to conventional takedowns. Over 50 npm packages across multiple organizations were affected. Detection involves checking for a 'pgmon' systemd service and associated files, while remediation requires stopping the service, removing files, and rotating all npm credentials.

CanisterWorm: The Self-Spreading npm Attack That Uses a Decentralized Server to Stay Alive