New Blog: Mini Shai-Hulud "Miasma" Hits @redhat-cloud-services: 32 Packages at Risk

•

1 Jun 2026

T1606.002

Forge Web Credentials: SAML Tokens

Exchanges the GitHub Actions OIDC token for npm publish tokens via the registry OIDC exchange endpoint.

discovered 2026-06-01

View on MITRE ATT&CK ↗

Seen in packages

npm@redhat-cloud-services/patch-clientuses

Campaigns

Miasma: The Spreading Blightattributed-to