New Blog: Mini Shai-Hulud "Miasma" Hits @redhat-cloud-services: 32 Packages at Risk
Edit Calendar Icon 1 Jun 2026
SafeDep Logo
T1199

Trusted Relationship

Abuse of npm GitHub Actions trusted publishing, which binds trust to repository + workflow filename rather than branch/ref/environment.

discovered 2026-06-01
View on MITRE ATT&CK ↗

Seen in packages

Campaigns