Wormsign — npm supply-chain worm detection
Technology & Software › Developer Tools › APIs / SDKs
Wormsign.io is a security-focused project led by a full-time security engineer that analyzes npm and PyPI supply-chain activity. It detaches and analyzes confirmed-malicious packages in a sandbox to produce edge-blockable STIX/TAXII indicators for blue teams, offering a long-tail, historically deep feed to help detect and hunt for software supply-chain threats.
Launch record
May 20, 2026
Domain registered
May 27, 2026 — 5:59 AM UTC
Launch detected
May 27, 2026 — 5:59 AM UTC
Homepage snapshot archived
Captured when the launch was detected. Preserved as a historical record.
Current status
Owner
Unclaimed
Detected location
US
Hosting
GitHub Pages
Registrar
Immaterialism Limited
WebsiteLaunches Analysis
Trust evidence
Observable signals about this site's presence and identity on the web.
Reachability & presence
Contact methods detected (email)
Social profiles detected (Twitter)
Ownership & team
No owner attached yet
No attribution pages detected yet
Content originality
WebsiteLaunches Analysis
Content originality
We analyze text and images across millions of websites using similarity detection to identify large-scale content duplication and reuse.
This signal indicates whether widespread duplication patterns were detected at the time of analysis.
Signals update over time.
No widespread duplicate content detected
Discussion
Log in to comment or vote.