What Happened
On June 1, 2026, Wiz Research disclosed a supply chain compromise affecting at least 32 package releases published under the @redhat-cloud-services npm namespace. The campaign, dubbed “Miasma: The Spreading Blight,” is a new variant of the Mini Shai-Hulud malware family. Researchers at JFrog and Aikido independently confirmed the same findings. Red Hat published a security bulletin acknowledging the compromise.
The packages, which include @redhat-cloud-services/chrome, several generated API clients, and shared utilities, together average roughly 80,000 weekly downloads. The attackers did not compromise individual developer accounts. They hijacked GitHub Actions OIDC tokens from the project's own CI/CD pipeline, so the malicious releases were published using legitimate, trusted credentials. Each infected install runs a 4.2 MB obfuscated payload before any application code executes. That payload deploys a multi-stage credential stealer targeting AWS, Azure, GCP, HashiCorp Vault, Kubernetes, GitHub Actions OIDC tokens, npm registry credentials, Bitwarden, and 1Password. On Linux it installs a persistent monitoring service (kitty-monitor.service); on macOS, a LaunchAgent plist. The malware also injects hooks into AI developer tools including Claude, Codex, Gemini, Copilot, Kiro, and opencode. (Source: The Hacker News)
Why This Matters for Canadian Organizations
Canadian development teams building on Red Hat OpenShift, Red Hat Hybrid Cloud Console, or any internal tooling that pulls from the @redhat-cloud-services npm namespace are directly in scope. The packages affected include frontend components and utilities that appear across enterprise application development, cloud-native builds, and government digital service teams adopting Red Hat infrastructure.
The CI/CD pipeline compromise vector is particularly significant. The attacker did not need to trick a developer into running a malicious package; the build pipeline pulled it in automatically on the next install. Any developer workstation or build agent that ran npm install and resolved an affected version since June 1 (the disclosure date; the malicious versions may have been live before that, so treat the affected-version list in Red Hat's bulletin as the authoritative scope) should be treated as having its full cloud credential set exfiltrated. That means AWS keys, Azure service principals, GCP service accounts, and GitHub tokens used in automated pipelines are all at risk, and because the payload also harvests GitHub Actions OIDC tokens, so is any cloud role those tokens are permitted to assume. For Canadian organizations subject to OSFI B-13 technology and cyber risk guidelines, a supply chain compromise that reaches cloud credentials constitutes a material third-party technology risk event requiring escalation and assessment. Under PIPEDA, if stolen credentials were used to access systems containing personal information, breach notification obligations begin at the point the organization knew or should have known of the compromise.
What to Do
Run npm ls --all, or search package-lock.json and any other dependency trees, for @redhat-cloud-services packages, including ones pulled in transitively. If an affected version was installed since June 1, 2026, rotate every CI/CD secret, cloud credential, SSH key, npm token, and API key reachable from those pipelines immediately. Because OIDC tokens were harvested, also review your cloud audit logs (for example AWS CloudTrail AssumeRoleWithWebIdentity events) for role assumptions by federated GitHub identities outside expected workflow runs. Audit your GitHub Actions OIDC configuration: grant id-token: write only to the jobs that actually publish or deploy, and confirm that the cloud-side trust policy restricts the token's sub claim to specific repositories, branches or environments rather than the whole organization (the tokens are short-lived by design; what needs checking is how much a stolen one can reach). Review Red Hat's security bulletin at access.redhat.com for the full list of affected package versions and confirmed clean versions. Treat any persistent monitoring service named kitty-monitor on Linux, or com.user.kitty-monitor.plist on macOS, as an indicator of compromise, and remember that a file name is trivial for the attacker to change, so the absence of these artifacts does not clear a host.
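As an added example (this is not code from the advisory, from Red Hat, or from the researchers who reported the campaign), the following POSIX shell script triages a checkout the way the steps above describe: it lists every @redhat-cloud-services package pinned in a package-lock.json so the result can be compared against Red Hat's affected-version list, and it searches a directory tree for the two persistence artifacts named above. It assumes a standard awk and find. The lockfile it runs against is constructed for illustration and its version numbers are not the affected versions; the advisory does not say where the malware writes the unit or the plist, so the check searches a whole tree rather than fixed paths.

```shell
#!/bin/sh
# Added example, not code from the advisory or from Red Hat.
# Triages a checkout for @redhat-cloud-services packages and for the
# persistence artifacts the advisory names. The package-lock.json below is
# constructed for illustration; its version numbers are not the affected ones.

# Print one "name@version" line per @redhat-cloud-services package recorded in
# a package-lock.json. Handles lockfile v2/v3 ("packages" keyed by node_modules
# path, including nested node_modules) and v1 ("dependencies" keyed by name).
# Compare the output against the affected-version list in Red Hat's bulletin.
scan_lockfile() {
  awk '
    BEGIN {
      key  = "\"(node_modules/(.*/)?)?@redhat-cloud-services/[^\"/]+\": *[{]"
      pkg  = "@redhat-cloud-services/[^\"/]+"
      vers = "\"version\": *\"[^\"]+\""
    }
    # An object key that opens a package entry: remember the package name.
    $0 ~ key { match($0, pkg); name = substr($0, RSTART, RLENGTH) }
    # The first "version" line after such a key belongs to that entry.
    name != "" && $0 ~ vers {
      match($0, vers)
      ver = substr($0, RSTART, RLENGTH)
      sub(/^"version": *"/, "", ver)
      sub(/"$/, "", ver)
      print name "@" ver
      name = ""
    }
  ' "$1" | sort -u
}

# Search a tree for the Linux unit and the macOS LaunchAgent the advisory
# names. On a live host run it against / and against "$HOME" (user units and
# LaunchAgents live under the home directory). Absence proves nothing: the
# attacker can rename both files.
check_persistence() {
  find "$1" -type f \( -name kitty-monitor.service -o -name com.user.kitty-monitor.plist \) 2>/dev/null
}

# --- Constructed sample input (assumption: not a real project lockfile) -----
WORK=$(mktemp -d)
SAMPLE_LOCK="$WORK/package-lock.json"
cat > "$SAMPLE_LOCK" <<'EOF'
{
  "name": "sample-app",
  "version": "1.0.0",
  "lockfileVersion": 3,
  "packages": {
    "": {
      "version": "1.0.0",
      "dependencies": {
        "@redhat-cloud-services/chrome": "^1.0.0",
        "left-pad": "1.3.0"
      }
    },
    "node_modules/@redhat-cloud-services/chrome": {
      "version": "1.4.2"
    },
    "node_modules/left-pad": {
      "version": "1.3.0"
    },
    "node_modules/left-pad/node_modules/@redhat-cloud-services/example-client": {
      "version": "4.0.1"
    }
  }
}
EOF

echo "== @redhat-cloud-services packages pinned in $SAMPLE_LOCK =="
scan_lockfile "$SAMPLE_LOCK"

# Plant an empty file with the LaunchAgent's name under the scratch tree so
# the check is seen firing; on a real host the argument would be / or "$HOME".
mkdir -p "$WORK/Library/LaunchAgents"
: > "$WORK/Library/LaunchAgents/com.user.kitty-monitor.plist"
echo "== persistence artifacts under $WORK =="
check_persistence "$WORK"
```

The lockfile scan covers only what is pinned; for an installed tree, npm ls --all 2>/dev/null | grep @redhat-cloud-services shows what node_modules actually contains, and a CI cache or a globally installed tool can hold a copy the repository's lockfile never mentions. Run the persistence check on every build agent and developer machine that resolved an affected version, not just the one where the lockfile was found.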