On June 1, security firm StepSecurity disclosed that attackers had implanted backdoors into Red Hat's official @redhat-cloud-services npm publishing scope. At least 32 packages and an estimated 64 to 95 individual versions were compromised, and the affected packages receive approximately 117,000 weekly downloads. The malware, dubbed "Miasma", is a derivative variant of the Shai-Hulud credential harvesting framework, which was publicly released on May 12. It triggers immediately through preinstall hooks when developers run npm install, without any application code having to execute. The installer script is 4.2 MB in size (comparable files are normally only a few KB) and contains three layers of obfuscation. Once executed, it scans for and exfiltrates GitHub Actions secrets and AWS, GCP, Azure, Kubernetes, HashiCorp Vault, npm and CircleCI access tokens by reading the raw memory of the build process, thereby bypassing log leak protection. The list of compromised packages includes @redhat-cloud-services/chrome v2.3.1, @redhat-cloud-services/frontend-components v7.7.2, and others.
Miasma has self-replication capabilities: once it steals an npm publish token, it uses publishConfig to bypass two-factor authentication checks, pushes new backdoored versions to other packages accessible from the compromised account, and spreads along the dependency tree. The malicious code also explicitly detects and circumvents security tools such as CrowdStrike, SentinelOne, Carbon Black, and StepSecurity Harden-Runner, and skips environments with Russian language settings. The attackers did not steal login credentials; instead they exploited a structural weakness in npm's trusted publishing workflow for GitHub Actions (OIDC), which only requires push access to the target repository and the ability to modify workflow files. The exact entry point has not been confirmed. Red Hat has confirmed that the affected packages have been removed from the npm registry and stated that "these packages are strictly limited to internal development tools, and the malicious code never ran in any Red Hat product or service." Notably, the Shai-Hulud framework on which Miasma is based was made public only 20 days before the attack (May 12), indicating that new offensive tools are being weaponized at an extremely fast pace.