The Miasma supply chain campaign compromised the @redhat-cloud-services npm namespace by using compromised GitHub accounts to push orphaned commits, effectively bypassing code review. Attackers exploited GitHub Actions OIDC identity tokens to publish malicious packages with valid SLSA provenance attestations, deploying a derivative of the Mini Shai-Hulud worm. The 4.2 MB obfuscated payload targets credentials for AWS, GCP, Azure, Kubernetes, and HashiCorp Vault while self-propagating via stolen npm tokens. In response, IBM and Red Hat launched Project Lightwell, a $5 billion AI-driven security clearinghouse designed to automate the validation and backporting of security fixes across the open-source ecosystem.

  • Campaign Analysis: The Miasma Worm

    • Targeted 32+ packages within the @redhat-cloud-services npm namespace, resulting in 90+ malicious releases.
    • Achieved a reach of approximately 116,991 cumulative weekly downloads before detection.
    • Utilized a reskinned version of the Mini Shai-Hulud framework to facilitate rapid credential exfiltration and ecosystem movement.
  • Technical Vectors: Bypassing Trust Frameworks

    • Pushed orphaned commits to RedHatInsights repositories to circumvent mandatory code review processes.
    • Used GitHub Actions OIDC tokens to produce genuine SLSA provenance for the tampered builds, so verification tooling trusted code that had never passed review.
    • Employed obfuscated preinstall scripts to harvest CI/CD secrets and cloud identities from infected developer environments.
    • Automated self-propagation by using stolen tokens and the bypass_2fa parameter to infect adjacent dependency chains.
  • Systemic Risk: The AI Remediation Gap

    • Frontier AI models, such as Anthropic’s Mythos, are accelerating vulnerability discovery (identifying ~3,900 critical OSS flaws) beyond the speed of manual patching.
    • The volume of ~50,000 annual CVEs creates a "remediation gap" that supply chain worms exploit for persistence.
    • Miasma demonstrates a shift from isolated credential theft to systemic, wormable infections of trusted enterprise namespaces.
  • Strategic Response: Project Lightwell

    • A $5 billion initiative employing 20,000 engineers to establish a trusted enterprise clearinghouse for open-source software.
    • Uses AI to identify, validate, and deliver backported security fixes directly into environments (e.g., npm, PyPI, Maven) without requiring disruptive version upgrades.
    • Expands security coverage beyond Red Hat products to include independent libraries, AI frameworks, and language toolchains.
    • Currently integrated by 11 major financial institutions, including JPMorganChase, Goldman Sachs, and Visa.
  • Defensive Mitigations: Reducing Attack Surface

    • Disable preinstall and postinstall scripts in npm configurations to block the immediate execution of malicious payloads.
    • Implement "NPM Package Cooldown" checks to flag or block dependencies published within a 48-hour window.
    • Rotate all CI/CD secrets, cloud tokens, and SSH keys if any affected @redhat-cloud-services package was installed after June 1, 2026.
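The two npm-side mitigations above (blocking install-time scripts and enforcing a publish cooldown) can be checked before a dependency is ever fetched. The following is an added example, not code from the briefing or from Red Hat, IBM or any vendor it cites: a small Node.js gate that reads an npm registry "packument" (the `/<name>` document, whose `time` map records each version's publish timestamp and whose full form keeps each version's `scripts`) and flags versions that are younger than 48 hours or declare `preinstall`, `install` or `postinstall` hooks. The package name, versions and dates in `SAMPLE_PACKUMENT` are constructed for the example and describe no real package; the 48-hour window is the one the briefing names.

```javascript
// Added example, not code from the briefing or from Red Hat/IBM: a dependency gate
// that applies the two npm mitigations above to registry metadata. Runs offline
// against a constructed document.

const COOLDOWN_HOURS = 48;
// Lifecycle hooks npm runs automatically when installing a registry package
// (unless `ignore-scripts=true` is set in .npmrc or `npm install --ignore-scripts`).
const INSTALL_HOOKS = ['preinstall', 'install', 'postinstall'];

// Constructed packument shaped like the registry's full /<name> document:
// `time` maps each version to its ISO publish timestamp and `versions` maps each
// version to its manifest (assumption: the full document keeps `scripts`; the
// abbreviated install-only document does not). Name and dates are invented.
const SAMPLE_PACKUMENT = {
  name: '@example-scope/sample-client',
  'dist-tags': { latest: '2.1.0' },
  time: {
    created: '2026-05-20T10:00:00.000Z',
    modified: '2026-06-10T03:15:00.000Z',
    '2.0.0': '2026-05-20T10:00:00.000Z',
    '2.0.1': '2026-06-01T08:00:00.000Z',
    '2.1.0': '2026-06-10T03:15:00.000Z',
  },
  versions: {
    '2.0.0': { version: '2.0.0', scripts: { test: 'node test.js' } },
    '2.0.1': { version: '2.0.1', scripts: { test: 'node test.js' } },
    '2.1.0': { version: '2.1.0', scripts: { preinstall: 'node setup.js', test: 'node test.js' } },
  },
};

function hoursSince(isoTimestamp, now) {
  return (now.getTime() - Date.parse(isoTimestamp)) / 3_600_000;
}

// Audit one version: returns { version, ok, findings[] }. A version fails if it was
// published inside the cooldown window or declares an install-time script.
function auditVersion(packument, version, now = new Date()) {
  const publishedAt = packument.time[version];
  const manifest = packument.versions[version];
  if (publishedAt === undefined || manifest === undefined) {
    return { version, ok: false, findings: ['version missing from registry metadata'] };
  }
  const findings = [];
  const ageHours = hoursSince(publishedAt, now);
  if (ageHours < COOLDOWN_HOURS) {
    findings.push(`published ${ageHours.toFixed(1)}h ago, inside the ${COOLDOWN_HOURS}h cooldown`);
  }
  const hooks = INSTALL_HOOKS.filter((hook) => manifest.scripts && hook in manifest.scripts);
  if (hooks.length > 0) {
    findings.push(`declares install-time scripts: ${hooks.join(', ')}`);
  }
  return { version, ok: findings.length === 0, findings };
}

// Audit every published version of the package.
function auditPackument(packument, now = new Date()) {
  return Object.keys(packument.versions).map((v) => auditVersion(packument, v, now));
}

// Most recently published version that clears both checks, or null if none does.
// Ordering by publish time avoids a semver dependency; `dist-tags.latest` is
// deliberately not trusted, since it points at whatever was pushed last.
function newestCleanVersion(packument, now = new Date()) {
  const clean = auditPackument(packument, now).filter((r) => r.ok).map((r) => r.version);
  if (clean.length === 0) return null;
  clean.sort((a, b) => Date.parse(packument.time[b]) - Date.parse(packument.time[a]));
  return clean[0];
}

// Stand-alone run with a fixed clock so the output is reproducible.
const demoNow = new Date('2026-06-11T00:00:00.000Z');
for (const r of auditPackument(SAMPLE_PACKUMENT, demoNow)) {
  console.log(`${SAMPLE_PACKUMENT.name}@${r.version}: ${r.ok ? 'ok' : r.findings.join('; ')}`);
}
console.log('pin to:', newestCleanVersion(SAMPLE_PACKUMENT, demoNow));
```

With the clock fixed at 2026-06-11, version 2.1.0 is flagged twice (published about 21 hours earlier and carrying a `preinstall` hook) and the gate recommends pinning 2.0.1. The script check is a visibility aid, not a substitute for the configuration change the briefing recommends: `ignore-scripts=true` in `.npmrc` (or `npm install --ignore-scripts`) stops the hooks from running at all, which matters because a packument can be read only after the package has been chosen, while the hook runs the moment the package is installed.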
