Security

AsyncAPI npm Supply Chain Attack: Import-Time Malware

3 min read

Summary

Microsoft Threat Intelligence uncovered a coordinated compromise of the AsyncAPI npm organization that republished five package versions with malicious code that runs when packages are imported, not just installed. The incident matters because common mitigations like npm install --ignore-scripts do not stop this technique, putting developer workstations, CI/CD pipelines, and production services at risk if they resolved the affected versions.

Need help with Security?Talk to an Expert

Introduction

Microsoft has disclosed a significant software supply chain incident affecting the @asyncapi npm organization. The attack is notable because the malicious payload executes at import/require time, which means standard defenses such as npm install --ignore-scripts are not enough to prevent compromise.

For IT and security teams, this raises the urgency of reviewing developer environments, CI/CD pipelines, container builds, and any production workloads that may have pulled the affected package versions.

What happened

On July 14, 2026, five malicious package versions across four AsyncAPI package names were republished:

According to Microsoft, the injected loader executed immediately when a poisoned package was imported. It then spawned a detached Node.js process that fetched a second-stage payload, sync.js, from IPFS.

How the attack worked

Microsoft traced the compromise back to a misconfigured GitHub Actions workflow using pull_request_target in the asyncapi/generator repository.

Key elements of the attack chain included:

  • A malicious pull request that executed untrusted code in a privileged workflow
  • Exposure of a bot personal access token used for unauthorized pushes
  • Abuse of legitimate GitHub OIDC trusted publishing workflows
  • Publication of packages with valid provenance signatures despite unauthorized source changes
  • Delivery of a Miasma modular runtime with C2, persistence, and fallback channels

This is especially important because the packages appeared legitimate from a publishing and provenance perspective.

Why this matters for administrators

The blast radius extends beyond developers using AsyncAPI directly. Because @asyncapi/specs is a transitive dependency, downstream tools and builds may have imported the compromised code without explicit awareness.

Potentially affected environments include:

  • Developer workstations
  • Build agents and CI/CD pipelines
  • Container image build systems
  • Production services that resolved the affected versions

Microsoft Defender Antivirus detects related artifacts as Trojan:JS/MiasmStealer.SC and Trojan:Script/Supychain.A.

Organizations should act immediately:

  • Remove all five affected package versions
  • Purge npm and Yarn caches
  • Hunt for sync.js in OS-specific NodeJS masquerade directories
  • Block outbound traffic to 85.137.53.71 on ports 8080, 8081, and 8091
  • Rotate credentials accessible from systems that imported the compromised packages
  • Review GitHub Actions workflows for unsafe pull_request_target usage and overprivileged tokens

Final takeaway

This incident highlights how trusted publishing and signed provenance do not guarantee safe source changes. Security teams should treat CI/CD workflow hardening, dependency monitoring, and credential rotation as immediate priorities after any exposure to the affected AsyncAPI packages.

Need help with Security?

Our experts can help you implement and optimize your Microsoft solutions.

Talk to an Expert

Stay updated on Microsoft technologies

AsyncAPInpmsupply chain attackGitHub Actionsmalware

Related Posts

Security

Defender Experts Adds Threat Intelligence and MDR

Microsoft has launched Defender Experts Threat Intelligence and expanded Defender Experts MDR with third-party and multi-cloud coverage powered by Microsoft Sentinel. The update helps security teams turn threat intelligence into action faster by combining expert-led guidance, unified Defender portal workflows, and broader cross-platform incident response.

Security

Salesforce OAuth Abuse: Microsoft Guidance on ShinyHunters

Microsoft detailed how threat activity associated with ShinyHunters abused trusted OAuth relationships in Salesforce to gain persistent access, exfiltrate CRM data, and evade traditional sign-in detections. The company also announced improved Salesforce telemetry and near-real-time detection in Defender for Cloud Apps, giving security teams better visibility into connected apps, OAuth scopes, and suspicious SaaS activity.

Security

Microsoft Entra ID Passkeys Default Rollout Dates

Microsoft will make passkeys the default authentication experience in Entra ID starting September 1, 2026, automatically prompting users currently using SMS or voice MFA to register a passkey. The change matters because Microsoft-provided SMS and voice authentication will be retired on February 1, 2027, pushing organizations toward phishing-resistant authentication and requiring admins to plan migrations now.

Security

Microsoft Secure Future Initiative July 2026 Update

Microsoft’s July 2026 Secure Future Initiative progress report highlights major security gains across identity, cloud resource isolation, vulnerability remediation, and AI-driven defense. The update matters to IT and security teams because it pairs measurable hardening progress with practical guidance on phishing-resistant MFA, secure defaults, composite attack paths, and post-quantum readiness.

Security

GigaWiper Malware: Microsoft Details Destructive Backdoor

Microsoft Threat Intelligence has published a deep analysis of GigaWiper, a Golang-based backdoor that combines command-and-control features with multiple destructive payloads, including disk wiping, fake ransomware, and system sabotage. The research matters because it shows attackers consolidating several malware families into a single modular implant, increasing flexibility while reducing deployment footprint.

Security

Microsoft SFI AI Hardens Cloud Security at Scale

Microsoft detailed an internal multi-agent AI system built under its Secure Future Initiative (SFI) to proactively evaluate and harden live cloud services. The approach speeds up deep security analysis from weeks to hours by correlating code, identity, network, configuration, and runtime signals to uncover composite risks that single-tool reviews can miss.