Audit log

Every state-changing event for Miasma npm Supply Chain Attack (Red Hat): moderation decisions on community submissions, plus corrections and updates from the news pipeline. URL-based decisions carry three independent witnesses — the original source, an Internet Archive snapshot taken at submission time, and a Solana memo signed by our publicly-disclosed publisher key.

  1. #1 publish by system:backfill
    2026-06-24 12:16:15Z
    Score: ?? (no score change)
    anchor: anchored
    chain: mainnet-beta, slot 428,588,987
    sig: mZ7AS5ucXSUY…c9sDzquK (explorer ↗)
    hash: 9suigWLyJ8DU…L9LzWptt (sha256 → base58)
    row integrity: verifying row… (full verify ↗)
    canonical bytes (30610 B):
    {"actor":"system:backfill","investigation_id":"37967195-2a0f-4b41-88c2-13dc83b3ffc7","kind":"publish","page_slug":"miasma-npm-supply-chain-attack-red-hat","published_at":"2026-06-24T12:16:15.123Z","sequence_num":1,"snapshot":{"content_type":"investigation","entity_name":"Miasma npm Supply Chain Attack (Red Hat)","sections":[{"content":"On June 1, 2026, security researchers at Wiz identified a supply chain compromise affecting packages published under the @redhat-cloud-services npm namespace. The attack, subsequently named Miasma, was executed in two waves: the first between approximately 10:53–10:53 UTC and the second between 13:44–13:46 UTC. At least 32 package releases containing unauthorized modifications were published, including versions of frontend-components, compliance-client, rbac-client, vulnerabilities-client, rule-components, remediations-client, tsc-transform-imports, topological-inventory-client, sources-client, and host-inventory-client. Socket identified 95–96 affected package versions across the 32 packages. The combined packages received approximately 80,000 to 116,991 weekly downloads. 
Red Hat confirmed that no release of the Hybrid Cloud Console was built or shipped with compromised versions, as internal version pinning and a publication process that strips installation-time scripts prevented product contamination.","heading":"Attack Overview","severity":"critical","sources":[{"credibility":2,"name":"Miasma: Supply Chain Attack Targeting RedHat npm Packages — Wiz Blog","type":"research","url":"https://www.wiz.io/blog/miasma-supply-chain-attack-targeting-redhat-npm-packages"},{"credibility":1,"name":"Preinstall to persistence: Inside the Red Hat npm Miasma credential-stealing campaign — Microsoft Security Blog","type":"research","url":"https://www.microsoft.com/en-us/security/blog/2026/06/02/preinstall-persistence-inside-red-hat-npm-miasma-credential-stealing-campaign/"},{"credibility":2,"name":"Miasma Supply Chain Attack: Malicious Code in Red Hat Cloud Services npm Packages — Snyk","type":"research","url":"https://snyk.io/blog/miasma-supply-chain-attack-malicious-code-redhat-cloud-services-npm-packages/"},{"credibility":1,"name":"Red Hat Security Bulletin RHSB-2026-006","type":"official","url":"https://access.redhat.com/security/vulnerabilities/RHSB-2026-006"},{"credibility":2,"name":"Red Hat npm Supply Chain Attack — Orca Security","type":"research","url":"https://orca.security/resources/blog/red-hat-npm-supply-chain-attack/"},{"credibility":2,"name":"Miasma Supply Chain Attack Compromises Red Hat npm Packages — The Hacker News","type":"news_article","url":"https://thehackernews.com/2026/06/miasma-supply-chain-attack-compromises.html"},{"credibility":2,"name":"Shai-Hulud malware worms Red Hat npm packages — The Register","type":"news_article","url":"https://www.theregister.com/security/2026/06/01/shai-hulud-malware-infects-red-hat-npm-packages-downloaded-80k-times-weekly/5249803"}]},{"content":"The attack originated from a single compromised GitHub account belonging to a Red Hat employee. 
Dark web monitoring firm Whiteintel detected a Red Hat GitHub credential and active session cookie in infostealer logs on April 13, 2026, and again on May 15, 2026. Whiteintel noted that the session cookie represented a fully-authenticated session in which multi-factor authentication had already been satisfied, enabling direct replay without re-authentication. The earliest evidence of malicious activity in the affected repositories — a commit containing the string 'Miasma: The Spreading Blight' — appeared on May 29, 2026, indicating the attacker either staged or tested from that date. The attack chain escalated to public impact on June 1, 2026. The 48-day gap between the April 13 credential sighting and the June 1 attack illustrates a common pattern in infostealer-enabled supply chain operations, where harvested credentials circulate in underground markets before deployment. Whiteintel explicitly stated it could not confirm a direct causal connection between the detected credential and the Miasma attack. 
Attackers used the compromised account to push malicious orphan commits into repositories within the RedHatInsights GitHub organization, bypassing branch protections and code review requirements.","heading":"Initial Access: Compromised Employee Credentials","severity":"critical","sources":[{"credibility":2,"name":"Red Hat Miasma Attack: A Linked GitHub Credential Surfaced in Stealer Logs — Whiteintel","type":"research","url":"https://whiteintel.io/blog/red-hat-miasma-supply-chain-attack"},{"credibility":2,"name":"Miasma Supply Chain Attack: The Seven-Week Credential Trail — CybelAngel","type":"research","url":"https://cybelangel.com/blog/miasma-supply-chain-attack-the-seven-week-credential-trail/"},{"credibility":2,"name":"Miasma Supply Chain Attack Compromises Red Hat npm Packages — The Hacker News","type":"news_article","url":"https://thehackernews.com/2026/06/miasma-supply-chain-attack-compromises.html"},{"credibility":2,"name":"Miasma: Supply Chain Attack Targeting RedHat npm Packages — Wiz Blog","type":"research","url":"https://www.wiz.io/blog/miasma-supply-chain-attack-targeting-redhat-npm-packages"}]},{"content":"The attacker exploited GitHub Actions workflows already present in the compromised repositories. These workflows were configured to trigger on push to any branch and requested GitHub's OIDC identity token with id-token: write permission. The OIDC token was exchanged for npm publish rights, allowing the attacker to publish malicious package versions carrying valid SLSA provenance attestations — technically correct attestations generated by real GitHub Actions infrastructure, but from unauthorized workflow executions. This rendered standard provenance verification insufficient to detect the compromise. 
The pattern mirrors earlier supply chain incidents in 2026, including compromises of the Bitwarden CLI (April 22), SAP npm packages (April 29), PyTorch Lightning (April 30), and Microsoft's DurableTask package (May 19), several of which also exploited trusted publishing via GitHub Actions OIDC.","heading":"Attack Mechanism: GitHub Actions OIDC Abuse and Trusted Publishing","severity":"critical","sources":[{"credibility":2,"name":"Miasma Supply Chain Attack: Malicious Code in Red Hat Cloud Services npm Packages — Snyk","type":"research","url":"https://snyk.io/blog/miasma-supply-chain-attack-malicious-code-redhat-cloud-services-npm-packages/"},{"credibility":2,"name":"Miasma: Supply Chain Attack Targeting RedHat npm Packages — Wiz Blog","type":"research","url":"https://www.wiz.io/blog/miasma-supply-chain-attack-targeting-redhat-npm-packages"},{"credibility":2,"name":"Miasma npm Supply Chain Attack: Red Hat Cloud Services Packages — aikido.dev","type":"research","url":"https://www.aikido.dev/blog/red-hat-npm-packages-compromised-credential-stealing-worm"},{"credibility":2,"name":"The npm Threat Landscape: Attack Surface and Mitigations — Palo Alto Unit 42","type":"research","url":"https://unit42.paloaltonetworks.com/monitoring-npm-supply-chain-attacks/"}]},{"content":"Each compromised package contained a preinstall lifecycle script that executed automatically during npm install, before any application code ran, requiring no user interaction beyond installation. The preinstall hook loaded a 4.2 MB obfuscated JavaScript payload employing four distinct obfuscation layers: ROT-based decoding, AES-128-GCM decryption, obfuscator.io string-array protection, and PBKDF2-HMAC-SHA-256 encryption. The payload generated a uniquely encrypted output per infection, complicating hash-based indicator-of-compromise detection. 
The malware harvested a broad range of developer and cloud credentials, including: GitHub Actions secrets and runtime GITHUB_TOKEN values; npm, PyPI, Docker, and GPG publish tokens; AWS access keys and session tokens; GCP service account credentials and Azure service principal and managed identity tokens; HashiCorp Vault tokens; Kubernetes kubeconfig files and service account tokens; CircleCI tokens; SSH private keys; and .env files. The payload additionally scraped GitHub Actions Runner process memory directly — locating worker processes and extracting secrets from address space — a technique that circumvents GitHub's log-masking defenses. A distinctive capability involved enumerating all GCP and Azure identities accessible from the infected machine, representing an expansion of cloud identity targeting relative to prior Shai-Hulud variants. The worm's self-propagation mechanism used harvested npm OIDC tokens to republish backdoored versions of other packages the compromised identity had publish access to, generating forged SLSA provenance attestations for each downstream compromise and creating a cascading supply-chain effect. Repositories created by the worm were labeled 'Miasma: The Spreading Blight.' 
The payload also established persistence on Windows, macOS, and Linux via OS-level persistence mechanisms, and targeted 166 cryptocurrency browser extension IDs, including MetaMask, Phantom, Coinbase Wallet, Binance Wallet, TronLink, and others, by enumerating browser profile Local Extension Settings directories.","heading":"Payload: Credential Harvesting and Self-Propagating Worm","severity":"critical","sources":[{"credibility":1,"name":"Preinstall to persistence: Inside the Red Hat npm Miasma credential-stealing campaign — Microsoft Security Blog","type":"research","url":"https://www.microsoft.com/en-us/security/blog/2026/06/02/preinstall-persistence-inside-red-hat-npm-miasma-credential-stealing-campaign/"},{"credibility":2,"name":"Miasma: Supply Chain Attack Targeting RedHat npm Packages — Wiz Blog","type":"research","url":"https://www.wiz.io/blog/miasma-supply-chain-attack-targeting-redhat-npm-packages"},{"credibility":2,"name":"Miasma CSA Research Note — Cloud Security Alliance Labs","type":"research","url":"https://labs.cloudsecurityalliance.org/research/csa-research-note-miasma-npm-supply-chain-redhat-20260603-cs/"},{"credibility":2,"name":"Red Hat npm Supply Chain Attack — Orca Security","type":"research","url":"https://orca.security/resources/blog/red-hat-npm-supply-chain-attack/"},{"credibility":2,"name":"Mini Shai-Hulud 'Miasma: The Spreading Blight' Hits @redhat-cloud-services — SafeDep","type":"research","url":"https://safedep.io/redhat-cloud-services-hit-by-mini-shai-hulud-npm-worm/"}]},{"content":"Security researchers attributed the Miasma payload to the TeamPCP threat actor, also tracked as UNC6780 (Google), DeadCatx3, PCPcat, ShellForce, and CipherForce. TeamPCP is a financially motivated cybercriminal group that emerged in late 2025 and is responsible for a series of npm and PyPI supply chain attacks. 
On May 12, 2026, TeamPCP published the full Mini Shai-Hulud source code on GitHub under the message 'Shai-Hulud: Open Sourcing The Carnage,' accompanied by operational guidance encouraging independent campaigns. Simultaneously, TeamPCP announced a contest on BreachForums offering monetary rewards for the largest supply chain attack executed using the released code. Because the source code was publicly released, researchers including Wiz noted that definitive attribution of Miasma to TeamPCP versus a copycat actor cannot be established. The observable modifications in the Miasma variant are described as largely cosmetic — replacing Dune universe references in the original code with Greek mythology themes. The Mini Shai-Hulud malware family has a documented evolution spanning from the original Shai-Hulud worm (September 2025), through SHA1-Hulud (November 2025), a SANDWORM_MODE variant (March 2026), and the fourth-generation Mini Shai-Hulud (April 2026). Prior campaigns using this family compromised over 170 npm and PyPI packages with approximately 518 million cumulative weekly downloads, impacting organizations including OpenAI, Mistral AI, the European Commission, GitHub, Aqua Security, Bitwarden, and Checkmarx. CVE-2026-45321 was assigned specifically to the earlier TanStack compromise within this campaign family, with a CVSS v4.0 score of 9.6. 
No CVEs were assigned to the Miasma incident itself.","heading":"Attribution: TeamPCP and the Mini Shai-Hulud Malware Family","severity":"high","sources":[{"credibility":2,"name":"TeamPCP Ups the Game, Releases Shai-Hulud Worm's Source Code — SecurityWeek","type":"news_article","url":"https://www.securityweek.com/teampcp-ups-the-game-releases-shai-hulud-worms-source-code/"},{"credibility":2,"name":"Mini Shai-Hulud: Frequently Asked Questions — Tenable","type":"research","url":"https://www.tenable.com/blog/mini-shai-hulud-frequently-asked-questions"},{"credibility":2,"name":"New Actors Deploy Shai-Hulud Clones: TeamPCP Copycats Are Here — OX Security","type":"research","url":"https://www.ox.security/blog/new-actors-deploy-shai-hulud-clones-teampcp-copycats-are-here/"},{"credibility":2,"name":"Miasma: Supply Chain Attack Targeting RedHat npm Packages — Wiz Blog","type":"research","url":"https://www.wiz.io/blog/miasma-supply-chain-attack-targeting-redhat-npm-packages"},{"credibility":2,"name":"Miasma NPM Supply Chain Attack — phoenix.security","type":"research","url":"https://phoenix.security/miasma-redhat-cloud-services-npm-supply-chain-shai-hulud-variant/"}]},{"content":"The Miasma payload carried a hardcoded list of 166 cryptocurrency browser extension IDs, targeting wallets including MetaMask, Phantom, Coinbase Wallet, Binance Wallet, and TronLink, among others. The malware enumerated browser profile Local Extension Settings directories, matched installed extensions against the hardcoded list, and exfiltrated the matched inventory along with associated credential material. Developer environments running the compromised @redhat-cloud-services packages — including CI/CD pipelines operating on cloud infrastructure — represent an elevated risk vector for organizations building or maintaining cryptocurrency or Web3 applications, as stolen developer credentials could provide direct access to private keys, deployment secrets, or treasury-management tooling. 
The worm's self-propagation capability means that any organization whose npm publish tokens were harvested may have inadvertently republished further compromised packages, extending the potential blast radius to downstream consumers of those packages.","heading":"Cryptocurrency and Web3 Risk","severity":"critical","sources":[{"credibility":1,"name":"Preinstall to persistence: Inside the Red Hat npm Miasma credential-stealing campaign — Microsoft Security Blog","type":"research","url":"https://www.microsoft.com/en-us/security/blog/2026/06/02/preinstall-persistence-inside-red-hat-npm-miasma-credential-stealing-campaign/"},{"credibility":2,"name":"Miasma npm Worm: RedHat Supply Chain Credential Theft — Upwind","type":"research","url":"https://www.upwind.io/feed/miasma-npm-supply-chain-worm-redhat-credential-harvest"},{"credibility":2,"name":"Miasma Supply Chain Attack: Malicious Code in Red Hat Cloud Services npm Packages — Snyk","type":"research","url":"https://snyk.io/blog/miasma-supply-chain-attack-malicious-code-redhat-cloud-services-npm-packages/"}]},{"content":"Red Hat published Security Bulletin RHSB-2026-006 on June 1, 2026, updated June 3, 2026. The bulletin confirmed that a compromised GitHub account was used to push unauthorized commits to repositories in the RedHatInsights GitHub organization. Red Hat stated that no Red Hat products or enterprise software were built or shipped with compromised versions, citing internal version pinning by engineering teams and a publication process that strips installation-time scripts before deployment. The affected libraries are frontend JavaScript components used in the Hybrid Cloud Console (console.redhat.com) web interface and are unrelated to Azure Red Hat OpenShift, OpenShift Dedicated, or Red Hat OpenShift Service on AWS. Red Hat's position, based on findings available at the time of the bulletin, was that no customer actions were required. 
Red Hat removed compromised versions from npm following disclosure and stated that investigation of build systems and dependency tracking was ongoing.","heading":"Red Hat Response and Official Guidance","severity":"medium","sources":[{"credibility":1,"name":"Red Hat Security Bulletin RHSB-2026-006","type":"official","url":"https://access.redhat.com/security/vulnerabilities/RHSB-2026-006"}]},{"content":"Security researchers from Snyk, Wiz, Orca, and Microsoft published consistent remediation recommendations for organizations that may have installed affected @redhat-cloud-services packages. Recommended steps include: (1) pinning dependencies away from all affected versions and reinstalling using npm install --ignore-scripts to prevent payload execution during reinstall; (2) assuming all credentials reachable from affected environments are compromised and rotating them immediately, including npm tokens, GitHub tokens, AWS access keys, GCP service account credentials, Azure service principal credentials, Kubernetes service account tokens, HashiCorp Vault tokens, SSH keys, and CircleCI tokens; (3) auditing GitHub organizations for unauthorized repositories, particularly those labeled 'Miasma: The Spreading Blight,' and for unauthorized Actions workflow files; (4) removing attacker-planted persistence hooks from configuration files; (5) inspecting developer workstations and CI/CD runners for signs of infostealer compromise; and (6) implementing structural controls including dependency allowlisting, enforced branch protection with mandatory code review, narrowly scoped OIDC trust policies, and npm publish 2FA requirements. 
Snyk noted that provenance verification alone proved insufficient in this incident, as valid SLSA attestations were generated by real GitHub Actions infrastructure despite unauthorized workflow modifications.","heading":"Remediation Guidance","severity":"high","sources":[{"credibility":2,"name":"Miasma Supply Chain Attack: Malicious Code in Red Hat Cloud Services npm Packages — Snyk","type":"research","url":"https://snyk.io/blog/miasma-supply-chain-attack-malicious-code-redhat-cloud-services-npm-packages/"},{"credibility":2,"name":"Miasma: Supply Chain Attack Targeting RedHat npm Packages — Wiz Blog","type":"research","url":"https://www.wiz.io/blog/miasma-supply-chain-attack-targeting-redhat-npm-packages"},{"credibility":2,"name":"Red Hat npm Supply Chain Attack — Orca Security","type":"research","url":"https://orca.security/resources/blog/red-hat-npm-supply-chain-attack/"},{"credibility":1,"name":"Preinstall to persistence: Inside the Red Hat npm Miasma credential-stealing campaign — Microsoft Security Blog","type":"research","url":"https://www.microsoft.com/en-us/security/blog/2026/06/02/preinstall-persistence-inside-red-hat-npm-miasma-credential-stealing-campaign/"}]},{"content":"The Miasma incident occurred within a broader wave of npm and PyPI supply chain attacks in spring 2026, several directly linked to the TeamPCP Mini Shai-Hulud campaign. Notable preceding incidents include the Bitwarden CLI compromise via poisoned GitHub Actions (April 22, 2026), four SAP npm packages via a leaked npm token (April 29, 2026), PyTorch Lightning on PyPI (April 30, 2026), Microsoft's DurableTask package (May 19, 2026), and TanStack packages, which received CVE-2026-45321 (CVSS 9.6). TeamPCP's May 12, 2026 open-sourcing of the Shai-Hulud worm on GitHub, accompanied by a BreachForums contest incentivizing independent attacks, created conditions for a rapid proliferation of copycat variants. 
OX Security identified at least four copycat npm packages deploying Shai-Hulud clones in May 2026. Subsequent reporting indicated that a Miasma v2 variant introduced a malicious binding.gyp file propagation mechanism and expanded the scope to 57 or more packages. IronWorm, a separate Shai-Hulud derivative, hit additional npm packages in a subsequent wave.","heading":"Broader Supply Chain Context","severity":"high","sources":[{"credibility":2,"name":"New Actors Deploy Shai-Hulud Clones: TeamPCP Copycats Are Here — OX Security","type":"research","url":"https://www.ox.security/blog/new-actors-deploy-shai-hulud-clones-teampcp-copycats-are-here/"},{"credibility":2,"name":"Mini Shai-Hulud: Frequently Asked Questions — Tenable","type":"research","url":"https://www.tenable.com/blog/mini-shai-hulud-frequently-asked-questions"},{"credibility":2,"name":"The npm Threat Landscape: Attack Surface and Mitigations — Palo Alto Unit 42","type":"research","url":"https://unit42.paloaltonetworks.com/monitoring-npm-supply-chain-attacks/"},{"credibility":2,"name":"Miasma v2: Self-Spreading npm Worm Now Uses Malicious binding.gyp — Semgrep","type":"research","url":"https://semgrep.dev/blog/2026/miasma-v2-self-spreading-npm-worm-now-uses-malicious-bindinggyp-file-and-compromises-57-packages/"},{"credibility":2,"name":"IronWorm and New Miasma Worm Variant Hit npm in Supply Chain Attacks — The Hacker News","type":"news_article","url":"https://thehackernews.com/2026/06/ironworm-and-new-miasma-worm-variant.html"}]}],"sources_used":[{"credibility":2,"name":"Miasma: Supply Chain Attack Targeting RedHat npm Packages — Wiz Blog","type":"research","url":"https://www.wiz.io/blog/miasma-supply-chain-attack-targeting-redhat-npm-packages"},{"credibility":1,"name":"Preinstall to persistence: Inside the Red Hat npm Miasma credential-stealing campaign — Microsoft Security 
Blog","type":"research","url":"https://www.microsoft.com/en-us/security/blog/2026/06/02/preinstall-persistence-inside-red-hat-npm-miasma-credential-stealing-campaign/"},{"credibility":2,"name":"Miasma Supply Chain Attack: Malicious Code in Red Hat Cloud Services npm Packages — Snyk","type":"research","url":"https://snyk.io/blog/miasma-supply-chain-attack-malicious-code-redhat-cloud-services-npm-packages/"},{"credibility":1,"name":"Red Hat Security Bulletin RHSB-2026-006","type":"official","url":"https://access.redhat.com/security/vulnerabilities/RHSB-2026-006"},{"credibility":2,"name":"Red Hat npm Supply Chain Attack — Orca Security","type":"research","url":"https://orca.security/resources/blog/red-hat-npm-supply-chain-attack/"},{"credibility":2,"name":"Red Hat Miasma Attack: A Linked GitHub Credential Surfaced in Stealer Logs — Whiteintel","type":"research","url":"https://whiteintel.io/blog/red-hat-miasma-supply-chain-attack"},{"credibility":2,"name":"Miasma Supply Chain Attack: The Seven-Week Credential Trail — CybelAngel","type":"research","url":"https://cybelangel.com/blog/miasma-supply-chain-attack-the-seven-week-credential-trail/"},{"credibility":2,"name":"Miasma Supply Chain Attack Compromises Red Hat npm Packages — The Hacker News","type":"news_article","url":"https://thehackernews.com/2026/06/miasma-supply-chain-attack-compromises.html"},{"credibility":2,"name":"Shai-Hulud malware worms Red Hat npm packages — The Register","type":"news_article","url":"https://www.theregister.com/security/2026/06/01/shai-hulud-malware-infects-red-hat-npm-packages-downloaded-80k-times-weekly/5249803"},{"credibility":2,"name":"Red Hat npm Packages Compromised to Spread a Credential-Stealing Worm — aikido.dev","type":"research","url":"https://www.aikido.dev/blog/red-hat-npm-packages-compromised-credential-stealing-worm"},{"credibility":2,"name":"TeamPCP Ups the Game, Releases Shai-Hulud Worm's Source Code — 
SecurityWeek","type":"news_article","url":"https://www.securityweek.com/teampcp-ups-the-game-releases-shai-hulud-worms-source-code/"},{"credibility":2,"name":"Mini Shai-Hulud: Frequently Asked Questions — Tenable","type":"research","url":"https://www.tenable.com/blog/mini-shai-hulud-frequently-asked-questions"},{"credibility":2,"name":"New Actors Deploy Shai-Hulud Clones: TeamPCP Copycats Are Here — OX Security","type":"research","url":"https://www.ox.security/blog/new-actors-deploy-shai-hulud-clones-teampcp-copycats-are-here/"},{"credibility":2,"name":"Miasma CSA Research Note — Cloud Security Alliance Labs","type":"research","url":"https://labs.cloudsecurityalliance.org/research/csa-research-note-miasma-npm-supply-chain-redhat-20260603-cs/"},{"credibility":2,"name":"The npm Threat Landscape: Attack Surface and Mitigations — Palo Alto Unit 42","type":"research","url":"https://unit42.paloaltonetworks.com/monitoring-npm-supply-chain-attacks/"},{"credibility":2,"name":"Miasma NPM Supply Chain Attack — phoenix.security","type":"research","url":"https://phoenix.security/miasma-redhat-cloud-services-npm-supply-chain-shai-hulud-variant/"},{"credibility":2,"name":"Mini Shai-Hulud 'Miasma: The Spreading Blight' Hits @redhat-cloud-services — SafeDep","type":"research","url":"https://safedep.io/redhat-cloud-services-hit-by-mini-shai-hulud-npm-worm/"},{"credibility":2,"name":"Miasma v2: Self-Spreading npm Worm Now Uses Malicious binding.gyp — Semgrep","type":"research","url":"https://semgrep.dev/blog/2026/miasma-v2-self-spreading-npm-worm-now-uses-malicious-bindinggyp-file-and-compromises-57-packages/"},{"credibility":2,"name":"IronWorm and New Miasma Worm Variant Hit npm in Supply Chain Attacks — The Hacker News","type":"news_article","url":"https://thehackernews.com/2026/06/ironworm-and-new-miasma-worm-variant.html"},{"credibility":2,"name":"Miasma npm Worm: RedHat Supply Chain Credential Theft — 
Upwind","type":"research","url":"https://www.upwind.io/feed/miasma-npm-supply-chain-worm-redhat-credential-harvest"}],"summary":"On June 1, 2026, a supply chain attack designated 'Miasma' compromised at least 32 npm package releases under the @redhat-cloud-services namespace, collectively receiving approximately 80,000–116,991 weekly downloads. A single Red Hat employee's GitHub account was exploited after credentials appeared in infostealer logs as early as April 13, 2026 — a gap of roughly seven weeks before weaponization. The payload, derived from the TeamPCP 'Mini Shai-Hulud' malware family, is a self-propagating worm that harvests developer and cloud credentials, injects persistent GitHub Actions workflows, and targets 166 cryptocurrency browser extensions.","timeline":[{"date":"2025-09-01","event":"Original Shai-Hulud worm emerged as the first self-replicating malware targeting the npm ecosystem, attributed to TeamPCP.","source":"Tenable Mini Shai-Hulud FAQ","source_url":"https://www.tenable.com/blog/mini-shai-hulud-frequently-asked-questions"},{"date":"2026-04-13","event":"A Red Hat employee's GitHub credential and active session cookie first appeared in infostealer logs, as later identified by Whiteintel.","source":"Whiteintel — Red Hat Miasma Attack: A Linked GitHub Credential Surfaced in Stealer Logs","source_url":"https://whiteintel.io/blog/red-hat-miasma-supply-chain-attack"},{"date":"2026-04-22","event":"Bitwarden CLI compromised via a poisoned GitHub Actions workflow — an early incident in the broader Shai-Hulud campaign wave.","source":"aikido.dev — Red Hat npm Packages Compromised to Spread a Credential-Stealing Worm","source_url":"https://www.aikido.dev/blog/red-hat-npm-packages-compromised-credential-stealing-worm"},{"date":"2026-05-12","event":"TeamPCP published the full Mini Shai-Hulud source code on GitHub ('Shai-Hulud: Open Sourcing The Carnage') and announced a BreachForums contest incentivizing independent supply chain attacks using the 
code.","source":"SecurityWeek — TeamPCP Ups the Game, Releases Shai-Hulud Worm's Source Code","source_url":"https://www.securityweek.com/teampcp-ups-the-game-releases-shai-hulud-worms-source-code/"},{"date":"2026-05-15","event":"The same Red Hat employee GitHub credential appeared a second time in infostealer logs from a distinct source channel.","source":"Whiteintel — Red Hat Miasma Attack: A Linked GitHub Credential Surfaced in Stealer Logs","source_url":"https://whiteintel.io/blog/red-hat-miasma-supply-chain-attack"},{"date":"2026-05-29","event":"Earliest malicious commit containing the string 'Miasma: The Spreading Blight' detected in the affected RedHatInsights repositories.","source":"The Hacker News — Miasma Supply Chain Attack Compromises Red Hat npm Packages","source_url":"https://thehackernews.com/2026/06/miasma-supply-chain-attack-compromises.html"},{"date":"2026-06-01","event":"First wave of malicious @redhat-cloud-services packages published between approximately 10:53–10:53 UTC across three repositories.","source":"Wiz — Miasma: Supply Chain Attack Targeting RedHat npm Packages","source_url":"https://www.wiz.io/blog/miasma-supply-chain-attack-targeting-redhat-npm-packages"},{"date":"2026-06-01","event":"Public disclosure by Wiz Research at approximately 13:00 UTC; most malicious versions revoked from npm.","source":"Snyk — Miasma Supply Chain Attack: Malicious Code in Red Hat Cloud Services npm Packages","source_url":"https://snyk.io/blog/miasma-supply-chain-attack-malicious-code-redhat-cloud-services-npm-packages/"},{"date":"2026-06-01","event":"Second malicious wave published between approximately 13:44–13:46 UTC; root cause identified.","source":"Snyk — Miasma Supply Chain Attack: Malicious Code in Red Hat Cloud Services npm Packages","source_url":"https://snyk.io/blog/miasma-supply-chain-attack-malicious-code-redhat-cloud-services-npm-packages/"},{"date":"2026-06-01","event":"Red Hat published Security Bulletin RHSB-2026-006; stated no customer 
action required and no Red Hat products were shipped with compromised versions.","source":"Red Hat Security Bulletin RHSB-2026-006","source_url":"https://access.redhat.com/security/vulnerabilities/RHSB-2026-006"},{"date":"2026-06-01","event":"The Register reported Socket had identified 95 affected package versions as of 11:00 UTC; combined weekly download count cited as approximately 80,000.","source":"The Register — Shai-Hulud malware worms Red Hat npm packages","source_url":"https://www.theregister.com/security/2026/06/01/shai-hulud-malware-infects-red-hat-npm-packages-downloaded-80k-times-weekly/5249803"},{"date":"2026-06-02","event":"Additional compromised package versions discovered; Microsoft Defender Security Research Team published incident analysis.","source":"Preinstall to persistence: Inside the Red Hat npm Miasma credential-stealing campaign — Microsoft Security Blog","source_url":"https://www.microsoft.com/en-us/security/blog/2026/06/02/preinstall-persistence-inside-red-hat-npm-miasma-credential-stealing-campaign/"},{"date":"2026-06-03","event":"Red Hat Security Bulletin RHSB-2026-006 updated with preliminary findings; investigation described as ongoing.","source":"Red Hat Security Bulletin RHSB-2026-006","source_url":"https://access.redhat.com/security/vulnerabilities/RHSB-2026-006"}]},"v":1}
    Verify offline (run on your own machine)
    python -m src.verify_decision 24bc6e04-3130-4c78-a282-84f8780d2952
How verification works. The “Row integrity” check above is computed in your browser: your machine recomputes the SHA-256 of the canonical bytes and compares it against the stored hash (shown as base58). No avoid.net server can fake that check. The “full verify” link goes one level deeper: your browser fetches the on-chain transaction from a Solana RPC node and confirms that the same hash is present in the memo. If you don’t want to trust either avoid.net or the public RPC, run the CLI verifier on your own machine: python -m src.verify_decision <event_id>.
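The row-integrity step in plain code, as an added example (not avoid.net's own src.verify_decision and not code from this page): recompute SHA-256 over the canonical bytes, encode the digest as base58, and compare it with the stored hash, accepting both the full value and the truncated prefix…suffix form the row displays. The canonical bytes here are a constructed stand-in for the 30610-byte record above; the function and variable names are assumptions.

```python
import hashlib

# Base58 alphabet used by Solana (and Bitcoin): no 0, O, I or l.
B58_ALPHABET = b"123456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz"


def b58encode(raw: bytes) -> str:
    """Encode bytes as base58; each leading zero byte becomes a leading '1'."""
    pad = len(raw) - len(raw.lstrip(b"\x00"))
    n = int.from_bytes(raw, "big")
    digits = bytearray()
    while n:
        n, rem = divmod(n, 58)
        digits.append(B58_ALPHABET[rem])
    return "1" * pad + digits[::-1].decode("ascii")


def row_hash(canonical_bytes: bytes) -> str:
    """The row's 'hash' field as the page labels it: sha256 -> base58."""
    return b58encode(hashlib.sha256(canonical_bytes).digest())


def matches_stored(computed: str, stored: str) -> bool:
    """Accept either the full base58 hash or the truncated 'prefix…suffix' display form."""
    if "…" in stored:
        prefix, suffix = stored.split("…", 1)
        return (len(computed) >= len(prefix) + len(suffix)
                and computed.startswith(prefix)
                and computed.endswith(suffix))
    return computed == stored


def verify_row(canonical_bytes: bytes, stored_hash: str) -> bool:
    """Row-integrity check: recompute the hash locally and compare with the stored value."""
    return matches_stored(row_hash(canonical_bytes), stored_hash)


def truncated_display(full_hash: str) -> str:
    """Mimic the page's abbreviated display: first 12 and last 8 characters."""
    return full_hash[:12] + "…" + full_hash[-8:]


# Constructed sample canonical bytes (a tiny stand-in for the 30610 B record on the page).
SAMPLE_CANONICAL = (
    b'{"actor":"system:backfill","kind":"publish",'
    b'"page_slug":"miasma-npm-supply-chain-attack-red-hat","sequence_num":1,"v":1}'
)


if __name__ == "__main__":
    h = row_hash(SAMPLE_CANONICAL)
    print("computed:", h)
    print("matches full form:", verify_row(SAMPLE_CANONICAL, h))
    print("matches display form:", verify_row(SAMPLE_CANONICAL, truncated_display(h)))
    # A single changed byte in the canonical record fails the check.
    tampered = SAMPLE_CANONICAL.replace(b'"sequence_num":1', b'"sequence_num":2')
    print("tampered record passes:", verify_row(tampered, h))
```

The truncated form only proves prefix and suffix agreement; for a real row, compare the full base58 string that the "full verify" step reads from the on-chain memo.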