
Miasma Malware Poisons Over 20 npm Packages



Microsoft Threat Intelligence's account of the June 24 incident

Microsoft Threat Intelligence reported that the latest Miasma malware campaign began late on June 24 after attackers compromised an npm maintainer account identified as "czirker." The adversary used that account to publish poisoned updates to more than 20 versions of legitimate npm packages tied to the Leo Platform and RStreams ecosystems. According to Microsoft, the changes were made in a rapid, automated burst — the post on X characterised the operation as a "coordinated, fully automated operation completed in under three seconds."

What Miasma hunts for and how it exfiltrates data

Like earlier Miasma variants, this campaign targets developer workstations and CI runners with an explicit focus on stealing credentials and secrets. The malware searches for AWS, Azure, and Google Cloud credentials, GitHub personal access tokens, Kubernetes secrets, HashiCorp Vault credentials, 1Password data, npm publishing credentials, and other sensitive information.

Rather than sending stolen material to a traditional command-and-control server, the malware scrapes GitHub Actions runner memory and commits the harvested data to a GitHub repository created through the victim's account. That exfiltration path leverages the victim's own identity and infrastructure to hide the theft.

Technical changes: Bun runtime, hidden payload location, and self-republication

Sonatype and Microsoft both note that the current Miasma variant has evolved. Earlier versions leaned on npm installation hooks, but Sonatype says this release hides its payload elsewhere in the installation process. The malware also downloads and executes the Bun JavaScript runtime rather than running everything under Node.js, a change that Sonatype's analysis calls out explicitly and that public reporting has highlighted.

Stealing credentials is only one objective. The malware attempts to republish any packages the compromised maintainer is permitted to maintain, which allows it to sidestep npm's two-factor authentication protections and opens an additional route for propagation. That self-propagation — combined with the repository-based exfiltration method — makes Miasma more like a supply-chain worm than a conventional backdoor.

Affected ecosystems: Leo Platform, RStreams, and prior Red Hat packages

Microsoft's advisory specifies that the poisoned updates affected packages used by the Leo Platform and RStreams ecosystems. The current campaign follows earlier Miasma activity this month in which Red Hat npm packages were poisoned. Public availability of the Mini Shai-Hulud toolkit on GitHub has already put elements of the malware within reach of a wider audience, increasing the risk that newcomers will reuse or adapt the code.

What Sonatype and Microsoft recommend; what this means for developers, CI teams, and package maintainers

  • Microsoft's guidance: Microsoft is urging organizations that installed the affected package versions to assume that developer machines and CI environments may have been exposed.
  • Sonatype's guidance: Sonatype recommends checking dependency lockfiles, internal package mirrors, build caches, container images, and CI runners for lingering copies of the malicious releases before rotating credentials.
  • For developers and CI teams: Investigate GitHub Actions runner memory and any build artifacts that could contain harvested secrets; the campaign's repository-based exfiltration means investigators should also review repositories created or modified under compromised accounts.
  • For package maintainers: Be alert to unauthorized republishing activity. The malware attempts to republish packages the victim can maintain, using that capability to broaden distribution while evading npm two-factor protections.

The Miasma campaign combines rapid, automated compromise with techniques designed to hide both payloads and exfiltration inside legitimate developer workflows. For organizations that used the affected package versions, the immediate path forward Microsoft and Sonatype lay out is straightforward in outline: assume exposure, hunt for lingering malicious artifacts across lockfiles, mirrors, caches, images, and runners, and take remediation steps in the correct order to reduce the risk that replacements will be reharvested. Whether that sequence will be sufficient against a self-propagating worm that can republish packages and commit stolen data via victims' own GitHub accounts is the practical challenge defenders now face.

Source: https://www.theregister.com/security/2026/06/26/miasma_campaign_poisoned_npm_packages/