THREATOPS
THREAT OPSThreat News › Miasma supply chain attack: malicious code found in @redhat-cloud-services npm packages

Miasma supply chain attack: malicious code found in @redhat-cloud-services npm packages

infosnykPublished 2026-06-01

A supply chain worm dubbed Miasma has been found in dozens of @redhat-cloud-services npm releases. The malicious preinstall hook steals credentials, probes cloud identities, and can republish other packages.

MITRE ATT&CK techniques

Original source: https://snyk.io/blog/miasma-supply-chain-attack-malicious-code-redhat-cloud-services-npm-packages/