The **Miasma** credential-stealing attack framework, which has recently targeted open-source ecosystems through supply-chain attacks, was briefly open-sourced on **GitHub**. **Miasma** appears to be an evolution of the earlier **Shai-Hulud** worm, previously leaked on **GitHub** and sharing many of the same features, techniques, and even code. ### How Miasma Operates The malware infects a developer machine, steals the build environment and cloud credentials, and then uses those to compromise legitimate repositories and packages. It publishes trojanized versions to infect downstream developers, repeating the cycle. This autonomous, worm-like self-propagation mechanism can quickly expand its reach, potentially turning a single breach into a widespread supply chain attack. The malware has previously been linked to high-profile attacks against **Red Hat npm packages** and, more recently, 73 **Microsoft** repositories on **GitHub**. ### Deliberate Leak and Source Code Insights Researchers at **SafeDep** reported yesterday that the **Miasma** source code was leaked on **GitHub** via numerous compromised developer accounts. In each of those accounts, the threat actors leaked the source code in a repository named "Miasma-Open-Source-Release." This indicates that the threat actors deliberately released the source code, rather than it being an accidental leak, similar to how the **Shai-Hulud** code was published earlier.  Analysis of the code showed that the toolkit requires no command-and-control (C2) infrastructure to operate, as it leverages **GitHub** for that purpose. ### Extensive Credential Harvesting and Lateral Movement The framework harvests credentials from cloud providers, CI/CD systems, password managers, **Kubernetes**, and secret stores. It abuses them to compromise **npm**, **PyPI**, and **RubyGems** packages, as well as **GitHub** repositories, **Actions** workflows, and **JFrog Artifactory** instances. It can also move laterally through **SSH** and **AWS Systems Manager (SSM)**, and poison configurations of AI coding tools such as **Claude**, **Gemini**, **Cursor**, **Copilot**, **Kiro**, and **Cline**.  ### The 'Dead-Man Switch' and Evasive Payloads One interesting feature revealed in the leaked **Miasma** source code is a "dead-man switch" that is installed when the malware uses a victim's stolen **GitHub** token as an exfiltration channel. The component monitors the token's validity every minute and, if it's revoked, executes a destructive command (`rm -rf ~/; rm -rf ~/Documents`), recursively deleting files and directories in the user's home and Documents folders. The monitor runs as a **systemd** user service on **Linux** or a **LaunchAgent** on **macOS**, and remains active for up to 72 hours. Another interesting aspect revealed is a five-stage build pipeline that generates unique payloads for each build. **SafeDep** reports that the process combines per-file **AES-256-GCM** encryption of embedded assets, randomized string obfuscation, source transformations, JavaScript obfuscation, and a self-extracting loader that wraps the final payload in three layers of encryption. Random keys and a randomized outer encoding layer ensure that each generated sample differs from previous builds, making signature-based detection and static analysis harder. ### Implications for Open-Source Security The leak of **Shai-Hulud** led to the release of more advanced variants, such as **Miasma**, and to increased attack rates. Similarly, the leak of **Miasma**'s source code is expected to have a similar effect as threat actors adopt the code and further adjust it. This could have significant consequences for the security of the open-source ecosystem, as supply-chain attacks continue to target it at an unprecedented pace. Software developers are advised to pin project dependencies, introduce multi-day delays before adopting newly released package updates, and validate new builds in isolated test environments.