Skip to content
Threat Feed
critical advisory

AsyncAPI npm Supply Chain Compromise via GitHub Actions

Threat actors compromised AsyncAPI npm packages by exploiting a misconfigured GitHub Actions workflow, stealing a privileged bot token, and injecting obfuscated Miasma malware into multiple packages, which then executed at module-load time to establish persistence and command and control, bypassing standard npm installation mitigations.

Microsoft Threat Intelligence identified a coordinated supply chain compromise affecting the @asyncapi npm organization on July 14, 2026. Threat actors exploited a misconfigured GitHub Actions workflow to steal a privileged asyncapi-bot Personal Access Token (PAT), enabling them to inject heavily obfuscated malware loaders into five package versions across four AsyncAPI npm packages. These poisoned packages were then published via the project's legitimate CI/CD pipeline, including @asyncapi/specs (6.11.2-alpha.1, 6.11.2), @asyncapi/generator@3.3.1, @asyncapi/generator-components@0.7.1, and @asyncapi/generator-helpers@1.1.1. The malicious code, identified as Miasma (detected as Trojan:JS/MiasmStealer.SC and Trojan:Script/Supychain.A), executes at module-load (import/require) time, effectively bypassing the npm install --ignore-scripts mitigation. This campaign impacts developer workstations, CI/CD pipelines, container builds, and production services that import the affected versions, establishing persistence and command and control, with capabilities for credential harvesting and propagation.

Attack Chain

  1. An attacker exploits a vulnerable GitHub Actions workflow (pull_request_target) in the asyncapi/generator repository by submitting a malicious pull request (e.g., PR #2155).
  2. The misconfigured workflow executes attacker-controlled code, leading to the theft of a privileged asyncapi-bot Personal Access Token (PAT).
  3. The attacker uses the stolen PAT to push commits containing heavily obfuscated JavaScript loaders into AsyncAPI package source files (e.g., index.js).
  4. The project's legitimate CI/CD pipelines, authenticated via GitHub Actions OpenID Connect (OIDC) with the compromised identity npm-oidc-no-reply@github.com, publish the poisoned npm packages (e.g., @asyncapi/specs@6.11.2).
  5. Downstream consumers download and import the compromised AsyncAPI packages; the malicious code executes at require() or import time, spawning a hidden, detached child process.
  6. The child process downloads the sync.js second-stage payload (Miasma modular runtime) from an IPFS endpoint.
  7. The sync.js payload is written to an OS-specific "NodeJS" masquerade directory, establishing persistence and initiating active command and control (C2) communication with 85.137.53.71 on ports 8080, 8081, and 8091.
  8. The Miasma runtime establishes resilient C2 communication channels and has capabilities for credential harvesting, encrypted exfiltration, and supply-chain propagation, though some modules were disabled in this observed build.

Impact

The compromise of AsyncAPI npm packages directly impacts developer workstations, CI/CD pipelines, container builds, and production services that resolved and imported the affected versions. The Miasma modular runtime establishes persistent access and active command and control, posing a significant risk for further exploitation, including potential credential harvesting, data exfiltration, and lateral movement within compromised environments. Microsoft Defender Antivirus detects the malicious artifacts as Trojan:JS/MiasmStealer.SC and Trojan:Script/Supychain.A. If successful, this supply chain attack could lead to widespread code integrity issues, intellectual property theft, and unauthorized access to development infrastructure.

Recommendation

  • Immediately remove all five affected package versions: @asyncapi/specs@6.11.2-alpha.1, @asyncapi/specs@6.11.2, @asyncapi/generator@3.3.1, @asyncapi/generator-components@0.7.1, and @asyncapi/generator-helpers@1.1.1.
  • Purge npm and Yarn caches on all affected systems to ensure no cached malicious packages are re-installed.
  • Hunt for the sync.js file under "NodeJS" masquerade directories across developer workstations and CI/CD environments using Detect Miasma sync.js Payload Drop Sigma rule.
  • Block outbound connections to 85.137.53.71 on ports 8080, 8081, and 8091 at your network perimeter using Detect Miasma C2 Network Connection Sigma rule.
  • Rotate all credentials (including GitHub Personal Access Tokens and npm authentication tokens) that were accessible from any environment or service that imported the compromised packages.
  • Deploy the Sigma rules in this brief to your SIEM and tune for your environment to detect Miasma activity.

Detection coverage 2

Detect Miasma sync.js Payload Drop

high

Detects the creation of the Miasma second-stage payload, sync.js, in suspicious 'NodeJS' masquerade directories as described in the AsyncAPI compromise.

sigma tactics: persistence techniques: T1036.003 sources: file_event, windows

Detect Miasma C2 Network Connection

critical

Detects outbound network connections to the identified Miasma command and control (C2) server IP and ports associated with the AsyncAPI npm compromise.

sigma tactics: command_and_control techniques: T1071.001, T1102.002 sources: network_connection, windows

Detection queries are available on the platform. Get full rules →

Indicators of compromise

1

email

1

file_name

1

ip

TypeValue
ip85.137.53.71
file_namesync.js
emailnpm-oidc-no-reply@github.com