A newly discovered software supply chain campaign, dubbed Miasma, has emerged as the latest evolution of the Shai-Hulud supply chain attack, compromising several redhat-cloud-services npm packages to steal credentials, harvest secrets from developer systems, and spread through development environments using worm-like behavior.

Security researchers at Socket described the operation as a smaller but highly capable successor to earlier Shai-Hulud campaigns, noting that it employs many of the same techniques that made previous attacks effective against software development ecosystems.
"This is effectively a Mini Shai-Hulud campaign: it uses the same core tactics of install-time execution, crede...