malware npm
@redhat-cloud-services/patch-client
discovered 2026-06-01
@redhat-cloud-services/patch-client is one of 32 @redhat-cloud-services scope packages compromised on June 1, 2026 in the Miasma: The Spreading Blight campaign (a variant of / derived from Mini Shai-Hulud). The attacker abused npm GitHub Actions trusted publishing: they pushed short-lived oidc-<hex> branches that rewrote the trusted CI workflow into a self-publishing job, exchanged the resulting OIDC token for npm publish tokens, repackaged the legitimate tarball with a malicious preinstall hook, and republished it with valid SLSA provenance. The malicious versions were published in two waves about three hours apart; wave 1 (4.0.4) was later unpublished, and wave 2 (4.0.5) remains the live latest version.
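As an added example (not part of this record, and not code from the affected project), a Python check that diffs the lifecycle scripts of two versions of an npm tarball so a newly introduced install-time hook, the repackaging step described above, stands out. The tarballs are constructed in-memory samples; the package name and script contents are invented.

```python
"""Flag lifecycle hooks added between two npm tarball versions (added example).

The campaign repackaged a legitimate tarball with a malicious `preinstall` hook.
Diffing the `scripts` map of package/package.json across versions makes such an
addition visible before the package is installed. All sample data is constructed."""
import io
import json
import tarfile

# npm runs these scripts automatically during install, so new ones deserve review.
LIFECYCLE_HOOKS = ("preinstall", "install", "postinstall", "prepare")


def read_package_json(tarball_bytes):
    """Parse package/package.json from an npm tarball (a gzip-compressed tar)."""
    with tarfile.open(fileobj=io.BytesIO(tarball_bytes), mode="r:gz") as tar:
        member = tar.getmember("package/package.json")
        return json.load(tar.extractfile(member))


def added_lifecycle_hooks(old_tarball, new_tarball):
    """Lifecycle scripts that are new or changed in the newer version."""
    old_scripts = read_package_json(old_tarball).get("scripts", {})
    new_scripts = read_package_json(new_tarball).get("scripts", {})
    return {hook: new_scripts[hook] for hook in LIFECYCLE_HOOKS
            if hook in new_scripts and new_scripts[hook] != old_scripts.get(hook)}


def make_tarball(package_json):
    """Build a minimal npm-style tarball in memory (constructed sample, not a real package)."""
    data = json.dumps(package_json).encode()
    buf = io.BytesIO()
    with tarfile.open(fileobj=buf, mode="w:gz") as tar:
        info = tarfile.TarInfo("package/package.json")
        info.size = len(data)
        tar.addfile(info, io.BytesIO(data))
    return buf.getvalue()


# Constructed samples: a clean release and a repackaged one carrying a preinstall hook.
CLEAN = make_tarball({"name": "example-pkg", "version": "1.0.0",
                      "scripts": {"build": "tsc"}})
REPACKAGED = make_tarball({"name": "example-pkg", "version": "1.0.1",
                           "scripts": {"build": "tsc", "preinstall": "node setup.js"}})

if __name__ == "__main__":
    print(added_lifecycle_hooks(CLEAN, REPACKAGED))  # → {'preinstall': 'node setup.js'}
```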
Threat types
worm credential_stealer data_exfiltration persistence
Malicious versions
- 4.0.4 · 031ba872d5a84bfb…
- 4.0.5
Campaigns
Indicators
- sha256 031ba872d5a84bfb18115f432811e4b45180346a1bae653f7fd85f918e7bb3a3 · indicates
- sha256 df1732f5bfec12e066be44dee02ec8a243e4868d38672c1b1d065359dd735a14 · indicates
- sha256 0dc06ecdaa63fe24859cfd955053c23245c536e4733480239d14bebf12688e35 · indicates
- url https://registry.npmjs.org/-/npm/v1/oidc/token/exchange/package/ · communicates-with
- url https://github.com/oven-sh/bun/releases/download/bun-v1.3.13/ · communicates-with
- ipv4 169.254.169.254 · communicates-with
- ipv4 169.254.170.2 · communicates-with
- file_path /var/run/secrets/kubernetes.io/serviceaccount/token · indicates
- file_path /var/run/docker.sock · indicates
- file_path /tmp/p<random>.js · indicates
- file_path /tmp/b-<random>/bun · indicates
- file_path /tmp/kitty-<random> · indicates
- domain login.microsoftonline.com · communicates-with
- domain graph.microsoft.com · communicates-with
- email justinorringer@gmail.com · indicates
- email claude@users.noreply.github.com · indicates
- github_repo RedHatInsights/javascript-clients · exfiltrates-to
- github_repo RedHatInsights/frontend-components · exfiltrates-to
- github_repo RedHatInsights/platform-frontend-ai-toolkit · exfiltrates-to
Techniques
- ttp T1195.001 Supply Chain Compromise: Compromise Software Dependencies and Development Tools · uses
- ttp T1199 Trusted Relationship · uses
- ttp T1059.007 Command and Scripting Interpreter: JavaScript · uses
- ttp T1027 Obfuscated Files or Information · uses
- ttp T1140 Deobfuscate/Decode Files or Information · uses
- ttp T1105 Ingress Tool Transfer · uses
- ttp T1552.001 Unsecured Credentials: Credentials In Files · uses
- ttp T1552.005 Unsecured Credentials: Cloud Instance Metadata API · uses
- ttp T1528 Steal Application Access Token · uses
- ttp T1606.002 Forge Web Credentials: SAML Tokens · uses
- ttp T1041 Exfiltration Over C2 Channel · uses
- ttp T1567.001 Exfiltration to Code Repository · uses
- ttp T1098 Account Manipulation · uses
- ttp T1610 Deploy Container · uses
- ttp T1546 Event Triggered Execution · uses
- ttp T1480.001 Execution Guardrails: Environmental Keying · uses
- ttp T1518.001 Software Discovery: Security Software Discovery · uses
- ttp Self-Propagation via Trusted Publishing Worm · uses
- ttp Spoofed User-Agent on GitHub API · uses
