The Miasma campaign is a sophisticated supply chain attack that used a stolen Red Hat employee's GitHub credential and session cookie, which were exposed in infostealer logs and underground markets for approximately seven weeks before being weaponized. The attack employed a self-propagating npm worm derived from Mini Shai-Hulud, which republished itself across compromised npm packages under multiple organizations including Red Hat, Vapi.ai, and Microsoft Azure. The worm harvested a wide range of developer and cloud credentials from infected environments, enabling cascading compromises. Malicious packages produced had valid SLSA Build Level 3 provenance attestations, defeating the highest supply chain integrity verification. The campaign evolved through three waves, culminating in persistence mechanisms targeting AI coding assistants such as Claude Code and VS Code. This campaign validates the Developer Credential Economy model, where credential generation, underground distribution, and weaponization form a structured black market ecosystem. The public release of the Mini Shai-Hulud source code further lowers the barrier for replication of such attacks. Traditional security tools like EDR lack visibility into the CI/CD environments where these attacks originate, necessitating new defensive approaches.

The campaign compromised numerous npm packages, including official Red Hat packages, resulting in widespread distribution of malicious code to tens of thousands of users weekly. The use of valid cryptographic provenance attestations undermines trust in supply chain integrity mechanisms. Credential theft and reuse enabled cascading compromises across multiple organizations and cloud environments. The attack surface expanded to developers' local environments via persistence targeting AI coding assistants, increasing risk of further credential theft and compromise. This attack model enables multiple threat actors to weaponize stolen credentials for diverse objectives including data theft and further supply chain compromises. The seven-week dwell time of stolen credentials in underground markets highlights a critical window of exposure. The campaign demonstrates that traditional endpoint detection and install-script monitoring are insufficient to detect or prevent such attacks.

Patch status is not yet confirmed — check the vendor advisory for current remediation guidance. Organizations should treat developer credentials as critical control-plane infrastructure and implement a phased Continuous Threat Exposure Management (CTEM) approach. This includes hardening credential generation processes, real-time neutralization of harvested secrets, and enforcing human-gated publishing controls in CI/CD pipelines. Monitoring underground markets for exposed developer credentials is essential to reduce dwell time and prevent weaponization. Traditional endpoint detection tools alone are insufficient; organizations should enhance visibility into ephemeral CI/CD environments and adopt supply chain security best practices aligned with SLSA guidelines. Reviewing and rotating potentially compromised credentials and tokens promptly is recommended.