Miasma Malware Targets npm Packages and GitHub Actions in Supply Chain Attack

Miasma malware is actively compromising npm packages and GitHub Actions workflows to steal developer credentials and secrets. Developers using affected packages or GitHub Actions are at immediate risk of credential theft and account takeover. This supply chain attack can cascade across organizations through compromised dependencies and CI/CD pipelines.

CRITICAL | Advisory | Jun 26, 2026
Action required
Audit all npm package dependencies and GitHub Actions in your CI/CD pipelines for suspicious updates or modifications from the last 30 days. Rotate all developer credentials, GitHub tokens, and secrets that may have been exposed through build environments. Block execution of unsigned or unverified GitHub Actions workflows.
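One way to start the GitHub Actions part of this audit, as an added example that is not part of the original advisory: the script lists every `uses:` reference in a workflow and flags those that point at a tag or branch instead of a full commit SHA, because a tag or branch can be repointed to new code without any change in your repository. The action names and the SHA in the sample workflow are constructed placeholders.

```javascript
// Added example: classify every `uses:` reference in a GitHub Actions workflow.
// A tag or branch ref is mutable, so the code behind it can change without any
// diff in your repository; a full 40-hex commit SHA cannot.
const FULL_SHA = /^[0-9a-f]{40}$/i;

function classifyRef(target) {
  if (target.startsWith('./')) return 'local';          // action stored in this repo
  if (target.startsWith('docker://')) {
    // Container images are only immutable when referenced by digest.
    return target.includes('@sha256:') ? 'pinned' : 'mutable';
  }
  const at = target.lastIndexOf('@');
  if (at === -1) return 'mutable';                      // no ref given at all
  return FULL_SHA.test(target.slice(at + 1)) ? 'pinned' : 'mutable';
}

function auditWorkflow(yamlText) {
  const findings = [];
  yamlText.split(/\r?\n/).forEach((line, i) => {
    // Matches `uses: x` and `- uses: x`, with or without quotes; a line that is
    // commented out does not match, and a trailing `# v2.1.0` note is ignored.
    const m = line.match(/^\s*(?:-\s+)?uses:\s*["']?([^"'\s#]+)/);
    if (!m) return;
    findings.push({ line: i + 1, target: m[1], status: classifyRef(m[1]) });
  });
  return findings;
}

// Constructed sample workflow; every action name and the SHA are placeholders.
const SAMPLE = `
name: build
on: push
jobs:
  test:
    runs-on: ubuntu-latest
    steps:
      - uses: example-org/checkout-action@v4
      - uses: example-org/setup-action@0123456789abcdef0123456789abcdef01234567 # v2.1.0
      - uses: "example-org/publish-action@main"
      - uses: ./.github/actions/lint
      - uses: docker://example/image:latest
      # uses: example-org/commented-out@v1
`;

const report = auditWorkflow(SAMPLE);
for (const f of report.filter((x) => x.status === 'mutable')) {
  console.log(`line ${f.line}: ${f.target} is not pinned to a commit SHA`);
}
```

Run `auditWorkflow` over the text of each file under `.github/workflows/`; for every flagged reference, review what the tag or branch currently resolves to before pinning it.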
Affected products
npm, Go