Issuer: Adverse Trace Date issued: 2026-06-09 Version: 1.0
1. Executive summary
The "Miasma" supply-chain attack toolkit, previously used to compromise over 473 package artifacts including Microsoft and Red Hat repositories, has been open-sourced on GitHub by unknown actors using compromised developer accounts. This toolkit enables self-replicating attacks against PyPI, npm, RubyGems, JFrog Artifactory, and GitHub Actions, utilizing GitHub's native commit search API for command-and-control (C2) to evade traditional network detection. For EMEA financial services, the immediate risk involves the potential ingestion of poisoned open-source dependencies into CI/CD pipelines, leading to credential theft (SSH keys, cloud tokens, PATs) and lateral movement within development environments. The public release of the source code lowers the barrier to entry for copycat attacks, increasing the volume of potential supply-chain incidents requiring monitoring under DORA and NIS2 frameworks.
2. Regulatory framing
| Regulation | Article | Practical Impact for Financial Entities |
|---|---|---|
| DORA | Art. 17 | Protection & Prevention: Entities must update ICT risk management policies to address supply-chain risks from open-source repositories and enforce strict verification of third-party code integrity before integration into production pipelines. |
| DORA | Art. 19 | Incident Reporting: Successful compromise of development environments or exfiltration of credentials via this toolkit constitutes a major ICT-related incident if it impacts critical services, triggering the 24-hour initial notification window to competent authorities. |
| DORA | Art. 28-30 | Third-Party Risk: Financial entities must assess the risk posed by their reliance on public registries (npm, PyPI) and ensure contractual or technical controls (e.g., artifact pinning, private proxies) are in place to mitigate upstream contamination. |
| NIS2 | Art. 21(2)(d) | Supply Chain Security: Essential entities must include security measures for supply chains and software development lifecycle (SDLC) processes, specifically addressing the risk of compromised upstream dependencies and CI/CD pipeline integrity. |
| NIS2 | Art. 23 | Incident Handling: Mandates immediate incident handling procedures upon detection of malware in development environments, including containment of the spread within internal networks and preservation of evidence for forensic analysis. |
3. Attack chain
- Initial Access: Attacker compromises a legitimate developer GitHub account (e.g., via previous Miasma infection or credential stuffing).
- Propagation: The compromised account pushes malicious commits containing configuration files to target repositories (e.g.,
Azure/durabletask, Red Hat npm packages). - Execution Trigger: A developer or automated CI/CD system clones the repository or installs the package. Execution triggers immediately if:
- The repository is opened in an IDE with AI coding tool integration (e.g., Claude Code, Gemini CLI, Cursor).
- The package is installed via npm, triggering a malicious
preinstallhook.
- Payload Delivery: The malicious script retrieves JavaScript for immediate execution and Python URLs for persistent monitoring from specific GitHub commit messages acting as C2 channels.
- Exfiltration & Lateral Movement: The payload steals GitHub Actions secrets, npm tokens, cloud credentials, Kubernetes/Vault material, SSH keys, and Git credentials. It uses stolen Personal Access Tokens (PATs) to propagate to other repositories.
Unconfirmed Steps: * Attribution: While the toolkit follows the lineage of "TeamPCP" and the "Mini Shai-Hulud" worm, the specific actors behind the June 8 open-source release of the Miasma toolkit are unconfirmed. It is unclear if this is the original group or a copycat utilizing the leaked framework. * Adoption Rate: While the toolkit is public, Wiz researchers note they have not yet observed widespread opportunistic adoption by other threat actors, though this may change rapidly.
4. Mitigation & containment
P1: Immediate Containment (Within 24h) * Isolate CI/CD Pipelines: Pause all automated builds and deployments referencing affected namespaces (@redhat-cloud-services, Azure, MicrosoftDocs) until verified clean. * Revoke Credentials: Immediately rotate all GitHub Personal Access Tokens (PATs), SSH keys, npm tokens, and cloud provider credentials stored in GitHub Actions Secrets or local developer environments that may have accessed compromised repos. * Block C2 Channels: Implement network or host-level blocks for GitHub API calls containing specific search queries if possible, or monitor heavily for: * DontRevokeOrItGoesBoom * TheBeautifulSandsOfTime * firedalazer * Disable AI Coding Tools: Temporarily disable or restrict AI coding assistants (Claude Code, Gemini CLI, Cursor) from automatically executing code or accessing external repositories in high-risk environments.
P2: Remediation & Hardening (Within 72h) * Version Pinning: Enforce strict version pinning (e.g., package-lock.json, requirements.txt with hashes) for all dependencies. Do not rely on floating tags (e.g., latest, v1). * Artifact Verification: Deploy a private artifact proxy (e.g., JFrog Artifactory, Sonatype Nexus) to scan and cache open-source packages before they reach developer machines. * Audit Commit History: Scan internal GitHub repositories for unauthorized commits containing the C2 search strings or unexpected configuration files (.cursorrules, .gemini, etc.).
P3: Long-term Strategy (Within 7 days) * Supply Chain Policy Update: Update DORA-compliant ICT policies to mandate Software Bill of Materials (SBOM) generation and verification for all third-party components. * Behavioral Monitoring: Deploy detection logic focused on application-layer anomalies (e.g., unusual eval() calls, unexpected outbound connections to api.github.com from build agents) rather than just network signatures.
5. Indicators of compromise
| Type | Value | Confidence | Source |
|---|---|---|---|
| Search String (C2) | DontRevokeOrItGoesBoom |
High | The Register |
| Search String (C2) | TheBeautifulSandsOfTime |
High | The Register |
| Search String (C2) | firedalazer |
High | The Register |
| Target Repo | Azure/durabletask |
High | The Register |
| Target Repo | Azure/functions-action |
High | The Register |
| Package Namespace | @redhat-cloud-services |
High | The Register / Wiz |
| Behavior | preinstall hook execution |
High | Socket / The Register |
| Function | eval() usage for payload |
High | The Register |
string DontRevokeOrItGoesBoom
string TheBeautifulSandsOfTime
string firedalazer
repo Azure/durabletask
repo Azure/functions-action
namespace @redhat-cloud-services
behavior preinstall_hook
function eval()
6. Detection
rule Miasma_GitHub_C2_Channels {
meta:
author = "Adverse Trace"
date = "2026-06-09"
reference = "https://www.theregister.com/cyber-crime/2026/06/09/miasma-supply-chain-attack-toolkit-goes-public-on-github/5253074"
description = "Detects hardcoded GitHub commit search strings used by Miasma worm for C2 and payload delivery."
strings:
$c2_token_search = "DontRevokeOrItGoesBoom" ascii
$c2_js_search = "TheBeautifulSandsOfTime" ascii
$c2_py_search = "firedalazer" ascii
$func_eval = "eval(" ascii wide
$hook_preinstall = "preinstall" ascii
condition:
any of ($c2_token_search, $c2_js_search, $c2_py_search) or
($func_eval and $hook_preinstall)
}
title: Miasma Worm GitHub API C2 Activity
id: 9a8b7c6d-5e4f-3a2b-1c0d-9e8f7a6b5c4d
status: experimental
description: Detects outbound GitHub API requests containing Miasma C2 search strings or suspicious eval patterns in CI/CD logs.
author: Adverse Trace
date: 2026/06/09
references:
- https://www.theregister.com/cyber-crime/2026/06/09/miasma-supply-chain-attack-toolkit-goes-public-on-github/5253074
logsource:
category: web
service: github
detection:
selection_c2_strings:
http.url|contains:
- 'DontRevokeOrItGoesBoom'
- 'TheBeautifulSandsOfTime'
- 'firedalazer'
selection_behavior:
process.command_line|contains:
- 'eval('
http.host|contains:
- 'api.github.com'
condition: selection_c2_strings or (selection_behavior and http.host|contains: 'api.github.com')
falsepositives:
- Legitimate use of these specific unique strings (highly unlikely).
level: critical
7. Sources
- The Register, "Miasma worms its way onto GitHub as attack kit goes open source", 2026-06-09, https://www.theregister.com/cyber-crime/2026/06/09/miasma-supply-chain-attack-toolkit-goes-public-on-github/5253074
- Dark Reading, "Miasma Supply Chain Worm Burrows Into 73 Microsoft Repositories", https://www.darkreading.com/application-security/miasma-supply-chain-worm-73-microsoft-repositories
- The Hacker News, "Miasma Worm Hits 73 Microsoft GitHub Repositories in Major Supply Chain Attack", https://thehackernews.com/2026/06/miasma-worm-hits-73-microsoft-github.html
- The Register, "GitHub nukes 70+ Microsoft repos, breaks CI/CD pipelines, following suspected worm infections", 2026-06-08, https://www.theregister.com/security/2026/06/08/github-nukes-70-microsoft-repos-amid-suspected-worm-attack/5252169
- SANS Internet Storm Center, "TeamPCP Supply Chain Campaign: Activity Through 2026-06-07", https://isc.sans.edu/diary/rss/33060
- The Register, "Shai-Hulud malware worms Red Hat npm package versions downloaded 80K times a week", 2026-06-01, https://www.theregister.com/security/2026/06/01/shai-hulud-malware-infects-red-hat-npm-packages-downloaded-80k-weekly/5249803
8. Adverse Trace position
We assess the severity of this development as High for EMEA financial institutions with active software development lifecycles, primarily due to the lowered barrier to entry for attackers and the difficulty in detecting GitHub-native C2 traffic. The transition of Miasma from a targeted weapon to an open-source toolkit significantly increases the probability of opportunistic "copycat" attacks against less-defended supply chains. While sophisticated defenders may already have signatures for the original payload, the modular nature of the released kit allows for rapid variation. We recommend immediate auditing of CI/CD pipelines for the specified C2 search strings and enforcing strict dependency pinning. Adverse Trace will continue to monitor GitHub and package registries for new variants leveraging this toolkit and will issue updates if specific financial sector targeting is observed.
Published via PulseTrace — Adverse Trace threat intelligence.