Unpacking the AsyncAPI npm supply chain compromise and import-time payload delivery
On July 14, 2026, the @asyncapi npm organization was compromised in a coordinated supply chain attack affecting five package versions across four packages. The attack exploited a GitHub Actions workflow vulnerability that exposed privileged credentials, allowing unauthorized code injection. The malicious payload executes at module import time, bypassing common npm install script protections. It deploys the Miasma modular runtime with command-and-control, persistence, and credential harvesting capabilities. The compromised packages were published through legitimate GitHub OIDC workflows with valid provenance signatures, masking the attack within trusted release processes.
AI Analysis
Technical Summary
This supply chain attack on the @asyncapi npm organization originated from a vulnerability in a GitHub Actions workflow that leaked privileged credentials. Attackers injected malicious code into five package versions across four packages. Unlike typical postinstall script attacks, this campaign executes payloads at module import time, circumventing npm install --ignore-scripts defenses. The malicious code spawns hidden processes that retrieve a second-stage payload from IPFS, deploying the Miasma modular runtime. This runtime includes command-and-control functionality, persistence mechanisms, and credential harvesting. The payload also contains disabled modules for supply chain propagation, AI-tool poisoning, and sandbox evasion. The compromised packages were released using legitimate GitHub OIDC workflows with valid provenance signatures, making detection difficult within trusted release pipelines. No known exploits in the wild have been reported yet.
Potential Impact
The attack compromises the integrity of npm packages from the @asyncapi organization, potentially allowing attackers to execute arbitrary code at module import time in dependent projects. This can lead to unauthorized command-and-control, persistence on affected systems, and credential harvesting. The use of valid provenance signatures and legitimate GitHub OIDC workflows increases the difficulty of detecting the compromise. The import-time execution bypasses common npm install script protections, increasing the risk of unnoticed infection in development and production environments.
Mitigation Recommendations
Patch status is not yet confirmed — check the vendor advisory for current remediation guidance. Until official fixes or guidance are available, users should audit dependencies from the @asyncapi npm organization carefully. Consider temporarily avoiding affected packages or versions if identified. Monitor official vendor and security advisories for updates on remediation and patches. Since the attack leverages GitHub Actions workflow vulnerabilities, review and secure CI/CD workflows to prevent credential exposure. Employ supply chain security best practices such as verifying package provenance and using tools that detect malicious code at import time.
Indicators of Compromise
- ip: 85.137.53.71
- hash: 34014776d3d3ff11bc4439b02fd7ac0f02a887eb3a052eeafff236e2f6db8ad1
- hash: 082d733db0687dcd768104972b065d4b58cb1e6043688c6c20fa3702337f36ab
- hash: bfaeb987faa6de2b5a5eb63b1233d055215b09b0349a9394f2175fd7cdf385e4
- hash: 9b2e65db653ca8575c9b10eefb9a80c6006404812c2ec212bf5675e3c690233b
- hash: d425e4583cc6185d41e95c45eda00550045a5d1919b9a012236a4520d009dbd7
- hash: 8351d251cf0b5a0bd82242deaa0a14e3e1394418d55c0f4259dac4303b79fc0c
- hash: c70e105e212ff3c1daa04bb2a62507717f296b0b
- hash: d602f4eeb914cf32782799376a8c5953
- hash: 93d8cffab1171a115228808e526d9bd7fe935e4e
- hash: 69813c330d52f2a93082651c071a302c
- hash: 71e67d32d2a6e052893dc0c679f9f7fd
- hash: 8c09a52a15a6e617e2b6ccee11046805
- hash: cd961d0b7b29996b795ddc80c09cc5d9
- hash: e67c6be63e55148de424e030cf6bed3b
- hash: 1f5c2e809d1ebd369d34ac22b771c522ced6e5b4
- hash: 46a236cc9f140deb62bbcfb055e7865d5b23ad81
- hash: 9b65b9f1bb27cef7b8a2b0327a47a539b8e473fb
- hash: ef2d28477befaa103031c7182a6f0dd6b4bb82dd
Unpacking the AsyncAPI npm supply chain compromise and import-time payload delivery
Description
On July 14, 2026, the @asyncapi npm organization was compromised in a coordinated supply chain attack affecting five package versions across four packages. The attack exploited a GitHub Actions workflow vulnerability that exposed privileged credentials, allowing unauthorized code injection. The malicious payload executes at module import time, bypassing common npm install script protections. It deploys the Miasma modular runtime with command-and-control, persistence, and credential harvesting capabilities. The compromised packages were published through legitimate GitHub OIDC workflows with valid provenance signatures, masking the attack within trusted release processes.
AI-Powered Analysis
Machine-generated threat intelligence
Technical Analysis
This supply chain attack on the @asyncapi npm organization originated from a vulnerability in a GitHub Actions workflow that leaked privileged credentials. Attackers injected malicious code into five package versions across four packages. Unlike typical postinstall script attacks, this campaign executes payloads at module import time, circumventing npm install --ignore-scripts defenses. The malicious code spawns hidden processes that retrieve a second-stage payload from IPFS, deploying the Miasma modular runtime. This runtime includes command-and-control functionality, persistence mechanisms, and credential harvesting. The payload also contains disabled modules for supply chain propagation, AI-tool poisoning, and sandbox evasion. The compromised packages were released using legitimate GitHub OIDC workflows with valid provenance signatures, making detection difficult within trusted release pipelines. No known exploits in the wild have been reported yet.
Potential Impact
The attack compromises the integrity of npm packages from the @asyncapi organization, potentially allowing attackers to execute arbitrary code at module import time in dependent projects. This can lead to unauthorized command-and-control, persistence on affected systems, and credential harvesting. The use of valid provenance signatures and legitimate GitHub OIDC workflows increases the difficulty of detecting the compromise. The import-time execution bypasses common npm install script protections, increasing the risk of unnoticed infection in development and production environments.
Mitigation Recommendations
Patch status is not yet confirmed — check the vendor advisory for current remediation guidance. Until official fixes or guidance are available, users should audit dependencies from the @asyncapi npm organization carefully. Consider temporarily avoiding affected packages or versions if identified. Monitor official vendor and security advisories for updates on remediation and patches. Since the attack leverages GitHub Actions workflow vulnerabilities, review and secure CI/CD workflows to prevent credential exposure. Employ supply chain security best practices such as verifying package provenance and using tools that detect malicious code at import time.
Technical Details
- Author
- AlienVault
- Tlp
- white
- References
- ["https://www.microsoft.com/en-us/security/blog/2026/07/15/unpacking-asyncapi-npm-supply-chain-compromise-import-time-payload-delivery/"]
- Adversary
- null
- Pulse Id
- 6a58813c09a76d1819c69bb0
- Threat Score
- null
Indicators of Compromise
Ip
| Value | Description | Copy |
|---|---|---|
ip85.137.53.71 | — |
Hash
| Value | Description | Copy |
|---|---|---|
hash34014776d3d3ff11bc4439b02fd7ac0f02a887eb3a052eeafff236e2f6db8ad1 | — | |
hash082d733db0687dcd768104972b065d4b58cb1e6043688c6c20fa3702337f36ab | — | |
hashbfaeb987faa6de2b5a5eb63b1233d055215b09b0349a9394f2175fd7cdf385e4 | — | |
hash9b2e65db653ca8575c9b10eefb9a80c6006404812c2ec212bf5675e3c690233b | — | |
hashd425e4583cc6185d41e95c45eda00550045a5d1919b9a012236a4520d009dbd7 | — | |
hash8351d251cf0b5a0bd82242deaa0a14e3e1394418d55c0f4259dac4303b79fc0c | — | |
hashc70e105e212ff3c1daa04bb2a62507717f296b0b | — | |
hashd602f4eeb914cf32782799376a8c5953 | — | |
hash93d8cffab1171a115228808e526d9bd7fe935e4e | — | |
hash69813c330d52f2a93082651c071a302c | — | |
hash71e67d32d2a6e052893dc0c679f9f7fd | — | |
hash8c09a52a15a6e617e2b6ccee11046805 | — | |
hashcd961d0b7b29996b795ddc80c09cc5d9 | — | |
hashe67c6be63e55148de424e030cf6bed3b | — | |
hash1f5c2e809d1ebd369d34ac22b771c522ced6e5b4 | — | |
hash46a236cc9f140deb62bbcfb055e7865d5b23ad81 | — | |
hash9b65b9f1bb27cef7b8a2b0327a47a539b8e473fb | — | |
hashef2d28477befaa103031c7182a6f0dd6b4bb82dd | — |
Threat ID: 6a58b6de68715ace43e070da
Added to database: 07/16/2026, 10:47:58 UTC
Last enriched: 07/16/2026, 11:04:45 UTC
Last updated: 07/16/2026, 17:35:19 UTC
Views: 12
Community Reviews
0 reviewsCrowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.
Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.
Actions
Updates to AI analysis require Pro Console access. Upgrade inside Console → Billing.
External Links
Need more coverage?
Upgrade to Pro Console for AI refresh and higher limits.
For incident response and remediation, OffSeq services can help resolve threats faster.
Latest Threats
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.