Dossier
RStreams
Coverage of RStreams in the Nexus archive.
Miasmatopic1npmorganization1Leo Platformorganization1Microsoft Threat Intelligenceorganization1Sonatypeorganization1GitHuborganization1AWSorganization1Azureorganization1Google Cloudorganization1Miasma Malwaretopic1Mini Shai-Huludtopic1Hades malware familytopic1npm packagestopic1LeoPlatformtopic1GitHub Actionstopic1Go ecosystemtopic1
- Miasma campaign poisons 20-plus npm packages, hunts for developer secrets
The Miasma malware campaign has poisoned over 20 npm packages in the Leo Platform and RStreams ecosystems, targeting developer credentials and CI environments. The attack, executed in under three seconds by compromising an npm maintainer account, steals secrets from cloud providers, GitHub, and other platforms, and republishes packages to propagate further.
- Miasma Malware Targets npm Packages and GitHub Actions in Supply Chain Attack
Miasma malware, part of the Mini Shai-Hulud, Miasma, and Hades family, has compromised new npm packages like LeoPlatform and RStreams while expanding to the Go ecosystem. The attack also involves malicious GitHub Actions workflow abuse.