Tag
#Miasma
4 stories taggedMiasma.

Threat Intelligence
Trojanised AsyncAPI packages slip onto npm, hitting a library downloaded 2.25 million times a week
Attackers hijacked a GitHub build pipeline on 14 July to publish five poisoned versions of AsyncAPI tools, wiring in a stealthy info-stealer that talks to its operators over Ethereum and peer-to-peer networks.
4 min read

Threat Intelligence
Hades Hits PyPI: 37 Poisoned Wheels Auto-Exec via .pth Trick
A fresh splinter of the Miasma supply-chain campaign abuses Python's site-packages path hook to fire on import — and goes hunting for Bun credentials.
2 min read

Threat Intelligence
Miasma Self-Replicating Worm Reaches Microsoft GitHub Orgs, 73 Repos Affected
The campaign — tracked publicly as Miasma — propagated into Azure, Azure-Samples, Microsoft, and MicrosoftDocs before GitHub pulled access.
2 min read

Vulnerabilities
Miasma Campaign Infects Red Hat npm Packages
Latest supply chain attack reveals persistent threat of credential theft
2 min read