Red Hat npm Packages Compromised by Miasma Credential-Stealing Malware

Open-source ecosystems have become attractive targets for cybercriminals because a single compromised package can impact thousands of developers and organizations. In the latest example, attackers successfully compromised multiple npm packages published under Red Hat’s trusted namespace and distributed malware designed to steal credentials from developer workstations and CI/CD environments.

Researchers discovered that the attack leveraged trusted publishing mechanisms and malicious package updates to deliver a credential-harvesting payload. The campaign demonstrates how attackers are increasingly targeting software supply chains rather than individual endpoints, enabling them to gain access to cloud environments, repositories, and production systems at scale.

What happened in the Miasma malware attack?

According to reports from BleepingComputer and security researchers at Aikido and OX Security, more than 30 packages published under Red Hat’s @redhat-cloud-services namespace were found distributing malicious code.

The malware involved in the campaign was identified as Miasma malware, a variant of the previously observed Shai-Hulud malware family. The compromised packages reportedly contained a malicious preinstall script that executed automatically when developers installed the affected dependencies.

Red Hat stated that the affected packages were used primarily for internal development tooling and that the malicious versions were removed after the incident was discovered. However, the attack serves as a reminder that trusted repositories and verified publishers are not immune to compromise.

Researchers believe the attack originated after threat actors allegedly gained access to a Red Hat employee’s GitHub account. Once inside, the attackers pushed malicious commits to several repositories and modified publishing workflows to distribute backdoored package versions.

The incident represents a sophisticated npm supply chain attack because attackers compromised the software publishing process itself rather than exploiting users directly.

How the attackers compromised the publishing workflow

Modern software development increasingly relies on automated CI/CD pipelines and trusted package publishing mechanisms. Unfortunately, attackers are learning how to abuse these same systems.

Investigators reported that the threat actors introduced a malicious GitHub Actions workflow into affected repositories. The workflow reportedly performed several malicious actions:

• Installed Bun as part of the build process
• Executed an obfuscated script
• Requested GitHub OIDC tokens using elevated workflow permissions
• Leveraged npm trusted publishing mechanisms
• Published malicious package versions automatically

The abuse of GitHub’s OpenID Connect (OIDC) authentication is particularly noteworthy. OIDC allows workflows to obtain short-lived authentication tokens without requiring long-lived credentials. While this improves security under normal circumstances, attackers who gain control of a repository can potentially abuse these permissions to publish malicious code through legitimate channels.

Because the malicious packages originated from a trusted namespace, developers and automated systems had little reason to suspect anything unusual during installation.

How Miasma malware steals developer credentials

The primary objective of the campaign appears to have been credential theft.

The compromised packages contained a malicious preinstall script that launched an obfuscated Node.js payload during installation. Once executed, the malware searched for sensitive information across developer systems and build environments.

Researchers found that the malware targeted:

• GitHub Actions secrets
• AWS credentials
• Google Cloud credentials
• Azure service principal credentials
• HashiCorp Vault tokens
• Kubernetes service account tokens
• npm authentication tokens
• PyPI publishing tokens
• SSH private keys
• Docker credentials
• GPG keys
• Environment variable files (.env)
• Other locally stored secrets

This broad targeting indicates that the attackers were not focused on a single cloud provider or development platform. Instead, they sought access to any credentials that could facilitate lateral movement, privilege escalation, repository compromise, or cloud intrusion.

By harvesting credentials from developer workstations and CI/CD runners, attackers can potentially gain access to source code repositories, production infrastructure, cloud workloads, and deployment pipelines.

Why npm supply chain attacks are becoming more dangerous

The software development ecosystem depends heavily on third-party packages. A typical application may include hundreds or even thousands of dependencies sourced from public repositories such as npm.

This interconnected nature creates a significant attack surface.

In a traditional attack, adversaries must compromise each organization individually. In contrast, a supply-chain attack allows threat actors to compromise a trusted component and distribute malicious code to many organizations simultaneously.

Several factors contribute to the growing success of supply-chain attacks:

Trust in package repositories

Developers often assume packages published under trusted vendor namespaces are safe. Attackers exploit this trust by targeting publisher accounts and software repositories.

Automated dependency updates

Many organizations rely on automated tools that continuously update packages. Malicious updates can spread quickly before security teams identify suspicious activity.

Extensive cloud integration

Modern applications frequently interact with cloud platforms, CI/CD tools, and infrastructure services. Stolen credentials can provide attackers with immediate access to high-value environments.

Developer privileges

Developer systems often contain privileged credentials, deployment keys, repository access tokens, and administrative permissions that can facilitate broader compromise.

The Red Hat npm packages compromised incident demonstrates how a single repository compromise can potentially expose a wide range of sensitive assets.

The business impact of stolen developer credentials

Credential theft remains one of the most effective attack techniques because it enables adversaries to bypass many traditional security controls.

If attackers successfully obtain developer credentials, they may be able to:

• Access private source code repositories
• Modify application code
• Insert malicious updates into software releases
• Compromise CI/CD pipelines
• Deploy malware to production environments
• Access cloud infrastructure
• Exfiltrate sensitive corporate data
• Establish persistence within enterprise systems

The consequences can extend far beyond the initially compromised workstation.

A stolen GitHub token may lead to repository takeover. A compromised cloud credential may provide access to sensitive databases. A Kubernetes token could allow attackers to interact with containerized workloads.

As software development environments become increasingly interconnected, the potential blast radius of credential theft continues to grow.

How Hexnode helps reduce the impact of supply-chain threats

Software supply-chain attacks such as the Miasma malware campaign demonstrate how a single compromised package can expose developer endpoints, build environments, and sensitive credentials. Organizations need visibility into endpoint activity and the ability to investigate and respond quickly when suspicious behavior is detected.

Improve threat visibility with Hexnode XDR

Hexnode XDR helps security teams gain visibility into endpoint activity through centralized incident monitoring, endpoint telemetry, and threat investigation capabilities. By correlating security signals and providing contextualized alerts, it enables administrators to identify suspicious activity, assess its impact, and prioritize response actions. Administrators can investigate incidents using detailed endpoint data, threat timelines, process information, and MITRE ATT&CK-aligned insights.

When potentially malicious activity is detected, security teams can take response actions directly from the XDR console, including isolating affected devices, terminating suspicious processes, quarantining files, and using remote terminal access for investigation and remediation.

Strengthen endpoint security with Hexnode UEM

Hexnode UEM helps organizations secure and manage the devices used to access source code repositories, cloud resources, and development environments. Through centralized endpoint management, administrators can enforce security policies, maintain device compliance, deploy updates, manage applications, and implement encryption policies across supported platforms.

When integrated with Hexnode UEM, Hexnode XDR combines security telemetry with device context, helping teams investigate threats more effectively while maintaining visibility into device health, compliance status, and security posture from a unified ecosystem.

Conclusion

The Miasma malware campaign serves as another warning that software supply-chain attacks continue to evolve in sophistication and impact. By compromising trusted publishing workflows and distributing malicious packages through a reputable namespace, attackers were able to target developer workstations, CI/CD environments, and cloud-connected systems simultaneously.

The incident involving Red Hat npm packages compromised by a Shai-Hulud variant demonstrates that organizations must look beyond traditional endpoint protection and adopt a comprehensive strategy that secures developer identities, repositories, publishing workflows, and infrastructure credentials.

As npm supply chain attacks become increasingly common, proactive monitoring, endpoint visibility, credential protection, and rapid incident response will remain essential components of modern cybersecurity programs.