A new npm supply chain incident shows that package trust isn't just about the name or the publisher namespace anymore. Wiz Research found that several releases under the @redhat-cloud-services npm scope were published with contents that did not match their source repositories. These releases were used by many developers, which created a clear path from installing a dependency to exposing developer machines and CI/CD environments.

The campaign, called Miasma, used malicious JavaScript that ran during installation via preinstall scripts. Wiz says the payload was heavily obfuscated and linked to the Mini Shai-Hulud malware family, keeping the same tradecraft despite some cosmetic changes. The big change here is the focus on grabbing cloud identity data, specifically from GCP and Azure, found on the infected machine.

The root cause was a compromised Red Hat employee GitHub account. The attacker used it to push malicious orphan commits into RedHatInsights repositories. These commits contained a small GitHub Actions workflow that requested an OIDC token and ran an obfuscated script. This allowed the attacker to publish compromised npm packages that carried valid SLSA provenance attestations, which made the releases look much more legitimate than a typical rogue upload.

Security teams should start by checking dependency exposure and then move to credential hygiene. You need to review developer workstations, build runners, GitHub activity, workflow executions, package versions, and generated repositories. Since the malware targets secrets and cloud identity access, teams should rotate potentially exposed GitHub tokens, SSH keys, cloud credentials, and CI/CD secrets rather than just treating this as a package issue.
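A defender-side starting point for the dependency-exposure check above, written as an added example (not code from Wiz or from the Red Hat project): it walks a package-lock.json for packages under the @redhat-cloud-services scope and flags those whose manifest declares preinstall, install or postinstall hooks. The lockfile and manifests are constructed placeholders, not the affected releases.

```javascript
// Added example (not from the Wiz write-up or the affected project): triage a
// package-lock.json for dependencies under one npm scope and flag any whose
// manifest declares install-time hooks, the vector Miasma used. All versions,
// URLs and script names below are constructed placeholders.
const LIFECYCLE_HOOKS = ['preinstall', 'install', 'postinstall'];
// Entries from a lockfileVersion 2/3 "packages" map whose name falls under
// `scope`. Keys look like "node_modules/@scope/name" or, for nested copies,
// "node_modules/a/node_modules/@scope/name"; the last segment is the name.
function findScopedPackages(lock, scope) {
  const hits = [];
  for (const [path, entry] of Object.entries(lock.packages || {})) {
    if (path === '') continue; // root project entry, not a dependency
    const name = path.slice(path.lastIndexOf('node_modules/') + 'node_modules/'.length);
    if (name.startsWith(scope + '/')) {
      hits.push({ name, version: entry.version, resolved: entry.resolved || null, path });
    }
  }
  return hits;
}

// Lifecycle hooks in a package.json that run code during `npm install` on the
// developer machine or CI runner, before the package is ever imported.
function lifecycleHooks(manifest) {
  const scripts = (manifest && manifest.scripts) || {};
  return LIFECYCLE_HOOKS.filter((hook) => typeof scripts[hook] === 'string');
}

// For every scoped dependency, look up its manifest (constructed map here; on a
// real tree read node_modules/<path>/package.json) and report its hooks.
function triage(lock, scope, manifests) {
  return findScopedPackages(lock, scope).map((pkg) => ({
    ...pkg,
    hooks: lifecycleHooks(manifests[pkg.name]),
  }));
}
// Constructed sample inputs so the script runs stand-alone.
const sampleLock = {
  lockfileVersion: 3,
  packages: {
    '': { name: 'demo-app', version: '1.0.0' },
    'node_modules/@redhat-cloud-services/example-lib': { version: '0.0.0-placeholder', resolved: 'PLACEHOLDER-TARBALL-URL' },
    'node_modules/some-ui/node_modules/@redhat-cloud-services/other-lib': { version: '0.0.1-placeholder' },
    'node_modules/lodash': { version: '4.17.21' },
  },
};
const sampleManifests = {
  '@redhat-cloud-services/example-lib': { scripts: { preinstall: 'node setup.js', test: 'jest' } },
};
for (const r of triage(sampleLock, '@redhat-cloud-services', sampleManifests)) {
  console.log(`${r.name}@${r.version} install-time hooks: ${r.hooks.join(', ') || 'none'}`);
}
```

The scan shows exposure, not compromise: compare flagged versions against the vendor advisory, and run installs with npm's `--ignore-scripts` flag while the tree is under review so such hooks do not execute.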

Miasma also teaches a wider lesson for software supply chain defense: provenance is helpful, but it isn't a complete control if the workflow that creates that provenance is compromised. Allowlisting, SBOM visibility, package verification, runtime monitoring in build environments, and alerting on unexpected repository or workflow activity must work together.