Utopia Tech
Security1 min read

Miasma Malware Targets npm Packages and GitHub Actions in Supply Chain Attack

Cybersecurity researchers have flagged yet another evolution of the supply chain attack linked to the Mini Shai-Hulud, Miasma, and Hades malware family that has compromised a new set of npm packages, even as it has propagated to the Go ecosystem. "The latest activity includes malicious npm releases affecting LeoPlatform and RStreams packages, GitHub Actions workflow abuse, and

UT

Utopia Tech

June 26, 2026 · 1 min read

Share

Cybersecurity researchers have flagged yet another evolution of the supply chain attack linked to the Mini Shai-Hulud, Miasma, and Hades malware family that has compromised a new set of npm packages, even as it has propagated to the Go ecosystem. "The latest activity includes malicious npm releases affecting LeoPlatform and RStreams packages, GitHub Actions workflow abuse, and a related Go

Originally published at thehackernews.com

#Cybersecurity#Malware#Vulnerabilities
Share
▸ Want a deeper look?

Talk to an architect about applying this to your stack.

60-minute technical evaluation, no obligation. We'll map the ideas in this article to your environment.

Schedule the call
▸ Continue reading

More from the journal

CISA Adds Exploited PTC Windchill RCE Flaw to KEV as Web Shell Attacks Continue
Security

CISA Adds Exploited PTC Windchill RCE Flaw to KEV as Web Shell Attacks Continue

1 min read

New Linux pedit COW Exploit Enables Root Access by Poisoning Cached Binaries
Security

New Linux pedit COW Exploit Enables Root Access by Poisoning Cached Binaries

1 min read

Thanks for Crushing the Submissions Inbox. We're Trying to Keep Up
Security

Thanks for Crushing the Submissions Inbox. We're Trying to Keep Up

1 min read

All posts
Skip to main content