What the Miasma Campaign Reveals About the New Supply Chain ...

[carlospolop]

🤖 Automated Content Update

This PR was automatically generated by the HackTricks News Bot based on a technical blog post.

📝 Source Information

• Blog URL: https://tenable.com/blog/what-the-miasma-campaign-reveals-about-the-new-supply-chain-threat-model-and-the-underground
• Blog Title: What the Miasma Campaign Reveals About the New Supply Chain Threat Model and the Underground Market for Developer Credentials
• Suggested Section: Pentesting CI/CD -> Github Security -> Abusing Github Actions; possibly add a new page or subsection for npm supply-chain worm propagation, GitHub Actions OIDC package publishing abuse, SLSA provenance limitations, and Phantom Gyp binding.gyp execution

🎯 Content Summary

Tenable analyzes the Miasma campaign, a self-propagating npm supply-chain worm derived from TeamPCP's Mini Shai-Hulud toolchain, which TeamPCP open-sourced on GitHub on May 12 under an MIT License with the message “Shai-Hulud: Open Sourcing The Carnage.” The release reportedly included CI cache-poisoning scripts, an OIDC token extractor, and a credential stealer with pro...

🔧 Technical Details

Credential-driven npm worm propagation: If an attacker obtains a developer identity with npm publishing rights, malware can query the npm registry for all packages that identity can publish to and automatically republish poisoned versions. This creates a self-propagating loop: compromise one identity, enumerate package access, publish malware, infect developers or CI/CD runners through npm install, harvest more credentials, and repeat.

Infostealer-to-supply-chain weaponization: Commodity infostealer logs can contain high-value developer session cookies, GitHub credentials, npm tokens, and API keys. An attacker does not need to breach the target directly if a valid developer credential already exists in underground markets. The practical chain is: acquire exposed developer credentials, authenticate as the developer, identify writable repositories or publishable packages, inject malicious package/workflow changes, harvest additional secrets from downst...

🤖 Agent Actions

Done.

Updated:

• src/pentesting-ci-cd/github-security/abusing-github-actions/README.md

Added:

• binding.gyp / node-gyp (Phantom Gyp) install-time execution path
• wormable npm publishing from stolen maintainer / CI identities
• trusted publishing + provenance limitations in that propagation chain
• repository-local AI assistant persistence (.claude/settings.json, .cursor/rules, .gemini/)
• new references, including the Tenable Miasma post and official npm/node-gyp docs

Validation:

• Re-read the modified section and references
• mdbook build could not be run because mdbook is not installed in this environment (/bin/bash: mdbook: command not found)

---

This PR was automatically created by the HackTricks Feed Bot. Please review the changes carefully before merging.

[carlospolop]

🔗 Additional Context

Original Blog Post: https://tenable.com/blog/what-the-miasma-campaign-reveals-about-the-new-supply-chain-threat-model-and-the-underground

Content Categories: Based on the analysis, this content was categorized under "Pentesting CI/CD -> Github Security -> Abusing Github Actions; possibly add a new page or subsection for npm supply-chain worm propagation, GitHub Actions OIDC package publishing abuse, SLSA provenance limitations, and Phantom Gyp binding.gyp execution".

Repository Maintenance:

• MD Files Formatting: 587 files processed

Review Notes:

• This content was automatically processed and may require human review for accuracy
• Check that the placement within the repository structure is appropriate
• Verify that all technical details are correct and up-to-date
• All .md files have been checked for proper formatting (headers, includes, etc.)

Bot Version: HackTricks News Bot v1.0