A major npm supply-chain incident reportedly hit the @redhat-cloud-services scope, with malicious versions published through an OIDC trusted publishing gap. The concerning part is that the packages could still appear with valid provenance, while the Miasma payload ran during npm install, stole developer/CI credentials, and attempted to spread through npm tokens, Git repos, and dev tooling configs. Analysis showed that the Miasma worm is an evolved form of the Mini Shai-Hulud worm.

submitted by /u/raptorhunter22