
Miasma Malware Targets Red Hat npm Packages in New Supply Chain Attack

ID: 7d6d57ae-e3f4-57c0-b062-48bdf8ed0306

STIX ID: report--7d6d57ae-e3f4-57c0-b062-48bdf8ed0306

Feed Name: The Cyber Express

Threat Score: 85/100

Date Published: 2026-06-02

Date Updated: 2026-06-03

Author: Ashish Khaitan


Miasma is a software supply-chain campaign that injected malicious install-time code into multiple @redhat-cloud-services npm packages to steal credentials and secrets, exfiltrate data (to api.anthropic.com), and propagate via GitHub by abusing tokens and the createCommitOnBranch API to produce verified commits. The malware includes persistence in developer tools and CI/CD, privilege-escalation attempts, and endpoint detection evasion. Investigators believe a compromised Red Hat GitHub account served as the initial entry point. Researchers urge isolation, credential rotation, and thorough auditing of repositories, CI artifacts, and developer environments.
