Coordinated Supply Chain Attack Exploits CI/CD Pipelines to Deliver Malware
A coordinated software supply chain attack, identified on July 14, 2026, has seen malicious npm packages delivered through the compromised CI/CD pipelines of two AsyncAPI GitHub repositories. The attacker gained push access to specific branches (e.g., `next` and `master`) and then leveraged the projects' own legitimate GitHub Actions release workflows, which utilize npm's GitHub OIDC trusted-publisher integration, to publish four malicious versions of packages. This method bypassed traditional token theft, as the CI/CD pipeline itself was tricked into publishing the compromised code. The payload, identified as the Miasma RAT (M-RED-TEAM v6.4), was an obfuscated dropper designed to fire when the library was loaded, not just at install time, and included capabilities for credential exfiltration and persistence.
This event is a stark reminder that the CI/CD pipeline is increasingly becoming a primary attack surface, not just a conduit for code. For DevOps and security professionals, this matters profoundly because it demonstrates a sophisticated attack vector that circumvents security measures focused solely on credential management. The fact that the resulting packages carried legitimate SLSA provenance attestations, proving only that an authorized workflow produced them, but not that the triggering commits were legitimate, highlights a critical gap. It forces a re-evaluation of what 'trusted' really means in an automated release process.
This attack fits into a broader, well-established trend of software supply chain compromises, echoing concerns raised by previous incidents like the 'Cordyceps flaw pattern' and the 'anatomy of a Codecov attack,' both of which underscored that CI/CD systems are integral to the attack surface. As organizations increasingly automate their release cycles and rely on cloud-native CI/CD platforms, the trust boundaries shift. Attackers are no longer just looking for weak passwords or exposed API keys; they are exploiting the inherent trust in automated build and release processes. The rise of OIDC for tokenless authentication, while enhancing security in some aspects, also means that compromising the source repository's integrity can directly lead to compromised releases without needing to steal a specific token.
In practice, this incident means practitioners must move beyond perimeter security for their CI/CD systems. Concrete implications include strengthening branch protection rules, enforcing mandatory code reviews for all commits to release branches, and implementing commit signing to verify author identity. Organizations should also scrutinize the scope of permissions granted to CI/CD pipelines and agents, adhering to the principle of least privilege. Furthermore, investing in advanced supply chain security tools that can detect anomalous changes within pipelines, even if they appear to originate from legitimate workflows, is crucial. This includes runtime analysis of build artifacts and enhanced monitoring for unexpected behavior during the build and release phases. The focus must shift to securing the entire workflow, from code commit to deployment, recognizing that the pipeline itself can be weaponized.
Read original source