Red Hat npm packages compromised in Miasma supply chain attack exposing developer credentials
Summary
Security researchers at Wiz have identified a campaign called Miasma, the latest evolution of the Shai-Hulud malware family, targeting npm software supply chains. At least 32 package releases tied to Red Hat Cloud Services were compromised with unauthorized modifications, cumulatively averaging about 80,000 weekly downloads. The malware executes automatically during package installation, exposing developer credentials. Most infected packages have since been removed, reducing current exposure.
Key quotes
Wiz tracks the campaign as Miasma, described as the latest evolution of Shai-Hulud, a self-propagating malware family seen in npm software supply chain attacks.
Investigation found at least 32 package releases with unauthorized modifications that did not match their source repositories.
The affected packages cumulatively averaged about 80,000 weekly downloads.
Attackers compromised packages tied to Red Hat Cloud Services, targeting a trusted software ecosystem.
Compromised npm packages were published under Red Hat Cloud Services-related namespaces and included malware that executes automatically during package installation.
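
The reporting above says the malicious releases ran code automatically at install time. As an added example (not code from Wiz, Red Hat or the original article), this Node.js function triages a parsed `package-lock.json` (lockfileVersion 2 or 3) for packages that declare install scripts, listing those under the `@redhat-cloud-services` scope first. The sample lockfile and its package names are constructed, and an install script on its own is not evidence of compromise.

```javascript
// Added example: lockfile triage for install-time script exposure.
// Scope taken from the reporting; everything in sampleLock is constructed.
const WATCHED_SCOPE = "@redhat-cloud-services/";

// lock: parsed package-lock.json (lockfileVersion 2 or 3), e.g.
//   JSON.parse(fs.readFileSync("package-lock.json", "utf8"))
// Returns every dependency npm marked with hasInstallScript, scoped hits first.
function findInstallScriptPackages(lock, scope = WATCHED_SCOPE) {
  const marker = "node_modules/";
  const findings = [];
  for (const [path, meta] of Object.entries(lock.packages || {})) {
    // "" is the root project; link entries are workspace symlinks.
    if (path === "" || meta.link || !meta.hasInstallScript) continue;
    // Nested installs look like node_modules/a/node_modules/@scope/name,
    // so the package name is whatever follows the last marker.
    const idx = path.lastIndexOf(marker);
    const name = idx === -1 ? (meta.name || path) : path.slice(idx + marker.length);
    findings.push({
      name,
      version: meta.version || null,
      path,
      inScope: name.startsWith(scope),
      integrity: meta.integrity || null, // compare against a known-good lockfile
    });
  }
  return findings.sort(
    (a, b) => Number(b.inScope) - Number(a.inScope) || a.name.localeCompare(b.name)
  );
}

// Constructed sample: names, versions and integrity values are placeholders.
const sampleLock = {
  lockfileVersion: 3,
  packages: {
    "": { name: "constructed-app", version: "1.0.0" },
    "node_modules/@redhat-cloud-services/constructed-example-a": {
      version: "0.0.0-sample", integrity: "sha512-CONSTRUCTED", hasInstallScript: true,
    },
    "node_modules/@redhat-cloud-services/constructed-example-b": {
      version: "0.0.0-sample", integrity: "sha512-CONSTRUCTED",
    },
    "node_modules/app-dep/node_modules/constructed-native-addon": {
      version: "0.0.0-sample", hasInstallScript: true,
    },
  },
};

console.table(findInstallScriptPackages(sampleLock));
```

Installing with `npm ci --ignore-scripts` keeps lifecycle scripts from running while the flagged entries are reviewed.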