Miasma campaign poisons 20-plus npm packages, hunts for developer secrets
Summary
Microsoft has identified the 'Miasma campaign' actively compromising over 20 npm packages, including Leo Platform and RStreams. The attackers are poisoning these packages to harvest developer credentials and subsequently target more package maintainers. This represents a significant supply chain attack aimed at developer ecosystems.
IFF Assessment
The Miasma campaign represents a threat to the software supply chain by compromising npm packages to steal developer credentials.
Defender Context
Defenders must prioritize securing their software supply chain, especially concerning open-source dependencies like npm packages. Implementing strong authentication for developer accounts, regularly auditing dependencies for integrity, and employing supply chain security tools are crucial. Organizations should also monitor for suspicious activity within developer environments and educate maintainers on phishing and social engineering tactics.