Miasma Attack Framework: What Developers Need to Know
Days after the Miasma worm compromised 73 Microsoft GitHub repositories in one of the most aggressive software supply chain attacks to date, security researchers have flagged the appearance of the attack framework's source code on GitHub itself — lowering the barrier for future copycat campaigns against developer infrastructure worldwide.
Multiple repositories labeled as open-source releases of the Miasma toolkit began appearing on GitHub on June 9, according to community reports, following earlier open-source drops of the underlying Mini Shai-Hulud framework by the TeamPCP threat group in May. The UK's National Cyber Security Centre has separately urged organizations to review their software dependencies, warning that supply chain attacks targeting open-source packages are accelerating.
From Worm to Weapon Blueprint
The Miasma worm evolved from Mini Shai-Hulud, a modular TypeScript/Bun toolkit for credential harvesting, supply chain poisoning, and encrypted exfiltration. TeamPCP first published the Shai-Hulud source code on May 12, according to analyses by Datadog Security Labs and Akamai. ReversingLabs warned at the time that the public release provided "a blueprint for threat actors," lowering the barrier to large-scale attacks on developer environments.
Copycat activity followed almost immediately. By mid-May, OX Security identified new actors deploying Shai-Hulud clones in malicious npm packages. The Miasma variant then escalated the campaign, hitting Red Hat's npm namespace on June 1 and compromising 32 packages with roughly 80,000 to 117,000 weekly downloads. On June 5, the worm reached Microsoft's Azure GitHub organizations, planting payloads that triggered automatically in AI coding tools including Claude Code, Gemini CLI, and Cursor. GitHub disabled all 73 affected repositories within 105 seconds of automated detection, and Microsoft later confirmed the repositories had been restored.
NCSC Warns of Systemic Risk
The NCSC's advisory, published in early June, outlined immediate actions for organizations: pausing automatic dependency updates where compromise is suspected, manually reviewing new versions, rotating exposed credentials, enforcing multi-factor authentication on developer and registry accounts, and using private or trusted registries.
"These attacks highlight the need to revisit how dependencies are introduced and managed, as part of a secure development lifecycle," the NCSC said.
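The NCSC actions listed above (manual review of new versions, trusted registries, caution around automatic updates) can be turned into a routine lockfile check. The script below is an added example, not code from the article, NCSC or any of the vendors named; the package-lock.json fragment, the private registry host and the reviewed-version baseline are all constructed for illustration.

```javascript
// Audit an npm lockfile (lockfileVersion 2/3 "packages" layout) against a
// manually reviewed baseline and a trusted registry. Flags:
//   - packages resolved from a registry other than the trusted one
//   - packages never reviewed, or whose version changed since review
//   - packages that run an install script (hasInstallScript is a real
//     lockfile v2/v3 field set by npm)

// Assumed private/trusted registry host (constructed value).
const TRUSTED_REGISTRY = "https://registry.example-corp.internal/";

// Constructed baseline: package name -> version a human last reviewed.
const reviewedBaseline = { "left-pad": "1.3.0", "lodash": "4.17.21" };

// Constructed package-lock.json fragment.
const lockfile = {
  lockfileVersion: 3,
  packages: {
    "": { name: "demo-app", version: "1.0.0" },
    "node_modules/left-pad": {
      version: "1.3.0",
      resolved: "https://registry.example-corp.internal/left-pad/-/left-pad-1.3.0.tgz",
    },
    "node_modules/lodash": {
      version: "4.17.22",
      resolved: "https://registry.npmjs.org/lodash/-/lodash-4.17.22.tgz",
    },
    "node_modules/new-dep": {
      version: "0.0.1",
      resolved: "https://registry.npmjs.org/new-dep/-/new-dep-0.0.1.tgz",
      hasInstallScript: true,
    },
  },
};

function auditLockfile(lock, trustedRegistry, baseline) {
  const findings = [];
  for (const [path, entry] of Object.entries(lock.packages)) {
    if (path === "") continue; // root project entry, not a dependency
    // Handles nested and scoped paths: ".../node_modules/@scope/pkg" -> "@scope/pkg"
    const name = path.slice(path.lastIndexOf("node_modules/") + "node_modules/".length);
    if (entry.resolved && !entry.resolved.startsWith(trustedRegistry)) {
      findings.push({ name, issue: "untrusted-registry", detail: entry.resolved });
    }
    if (!(name in baseline)) {
      findings.push({ name, issue: "unreviewed-package", detail: entry.version });
    } else if (baseline[name] !== entry.version) {
      findings.push({ name, issue: "version-changed", detail: `${baseline[name]} -> ${entry.version}` });
    }
    if (entry.hasInstallScript) {
      findings.push({ name, issue: "install-script", detail: "runs code during npm install" });
    }
  }
  return findings; // non-empty means a human review is needed before updating
}

console.log(JSON.stringify(auditLockfile(lockfile, TRUSTED_REGISTRY, reviewedBaseline), null, 2));
```

In a CI job, a non-empty findings list is the signal to pause the automatic update and route the new versions to manual review, as the advisory recommends.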
Open Season for Attackers
The SANS Internet Storm Center noted that by late May, "multiple vendors reported the Shai-Hulud framework source had been published to GitHub" and "copycat forks were already running". With the Miasma variant now similarly accessible, security teams face an expanding threat surface. StepSecurity has already identified a further evolution of the malware, tracked as Hades, which adds destructive wiper capabilities triggered if stolen tokens are revoked.
Organizations relying on open-source dependencies are now operating in an environment where offensive supply chain toolkits are freely available — and proven effective against some of the world's largest software companies.
