T1606.002

Forge Web Credentials: SAML Tokens

discovered 2026-06-01

Exchanges the GitHub Actions OIDC token for npm publish tokens via the registry OIDC exchange endpoint.
