Red Hat npm Miasma Attack Hits CI/CD Supply Chains

Introduction

Microsoft has disclosed a significant software supply chain attack affecting npm packages published under the @redhat-cloud-services namespace. The campaign, dubbed Miasma, shows how attackers can abuse trusted CI/CD publishing workflows to distribute malicious packages with legitimate-looking provenance, raising the stakes for organizations that rely on open-source dependencies in build pipelines.

What’s new

Microsoft Threat Intelligence found that attackers compromised the upstream RedHatInsights/javascript-clients CI/CD pipeline and used the legitimate GitHub Actions OIDC publishing flow to push 32 malicious packages across more than 90 versions.

Key technical findings include:

• Malicious preinstall hook: The infected packages executed automatically during npm install via a weaponized preinstall script.
• Multi-stage malware chain: The package launched an obfuscated 4.29 MB dropper, decrypted additional payloads, downloaded the Bun runtime, and executed a second-stage stealer.
• Broad credential theft: The malware targeted secrets from GitHub, npm, AWS, Azure, GCP, HashiCorp Vault, Kubernetes, and local developer environments.
• CI/CD-focused behavior: On Linux runners, it scraped GitHub Actions runner memory for secrets and attempted privilege escalation using passwordless sudo.
• Worm-like propagation: The payload tried to republish poisoned packages from compromised maintainer accounts using forged provenance metadata.
• Destructive capability: In some scenarios, the malware could trigger rm -rf ~/, wiping a victim’s home directory.

Why this matters for administrators

This attack is notable because the malicious packages were published through a trusted publisher workflow, meaning they carried authentic provenance signatures. For IT and security teams, that weakens assumptions that signed or provenance-backed packages are automatically safe.

Organizations running Linux-based CI/CD pipelines are at particular risk, but developer workstations on Windows, macOS, and Linux were also targeted. Any environment with cached cloud credentials, SSH keys, browser data, or package publishing tokens could be exposed.

Recommended next steps

Administrators should take the following actions immediately:

• Audit environments for any use of affected @redhat-cloud-services packages and related versions.
• Rotate exposed credentials, especially for GitHub, npm, Azure, AWS, GCP, Vault, and Kubernetes.
• Review CI/CD runners for unusual process chains such as node -> shell -> bun.
• Check for unauthorized package publishing activity and suspicious provenance metadata.
• Harden build agents by reducing token scope, limiting sudo access, and isolating runner secrets.
• Use Microsoft Defender and related security tooling to investigate signs of credential theft or downstream package tampering.

Microsoft says it coordinated with npm to remove affected repositories and add protections to the namespace. Security teams should still treat this as a reminder to strengthen dependency governance, monitor software publishing workflows, and validate secrets exposure in CI/CD systems.