AsyncAPI npm Supply Chain Compromise via GitHub Actions
Threat actors compromised AsyncAPI npm packages by exploiting a misconfigured GitHub Actions workflow, stealing a privileged bot token, and injecting obfuscated Miasma malware into multiple packages, which then executed at module-load time to establish persistence and command and control, bypassing standard npm installation mitigations.
Microsoft Threat Intelligence identified a coordinated supply chain compromise affecting the @asyncapi npm organization on July 14, 2026. Threat actors exploited a misconfigured GitHub Actions workflow to steal a privileged asyncapi-bot Personal Access Token (PAT), enabling them to inject heavily obfuscated malware loaders into five package versions across four AsyncAPI npm packages. These poisoned packages were then published via the project's legitimate CI/CD pipeline, including @asyncapi/specs (6.11.2-alpha.1, 6.11.2), @asyncapi/generator@3.3.1, @asyncapi/generator-components@0.7.1, and @asyncapi/generator-helpers@1.1.1. The malicious code, identified as Miasma (detected as Trojan:JS/MiasmStealer.SC and Trojan:Script/Supychain.A), executes at module-load (import/require) time, effectively bypassing the npm install --ignore-scripts mitigation. This campaign impacts developer workstations, CI/CD pipelines, container builds, and production services that import the affected versions, establishing persistence and command and control, with capabilities for credential harvesting and propagation.
Attack Chain
- An attacker exploits a vulnerable GitHub Actions workflow (
pull_request_target) in theasyncapi/generatorrepository by submitting a malicious pull request (e.g., PR #2155). - The misconfigured workflow executes attacker-controlled code, leading to the theft of a privileged
asyncapi-botPersonal Access Token (PAT). - The attacker uses the stolen PAT to push commits containing heavily obfuscated JavaScript loaders into AsyncAPI package source files (e.g.,
index.js). - The project's legitimate CI/CD pipelines, authenticated via GitHub Actions OpenID Connect (OIDC) with the compromised identity
npm-oidc-no-reply@github.com, publish the poisoned npm packages (e.g.,@asyncapi/specs@6.11.2). - Downstream consumers download and import the compromised AsyncAPI packages; the malicious code executes at
require()orimporttime, spawning a hidden, detached child process. - The child process downloads the
sync.jssecond-stage payload (Miasma modular runtime) from an IPFS endpoint. - The
sync.jspayload is written to an OS-specific "NodeJS" masquerade directory, establishing persistence and initiating active command and control (C2) communication with85.137.53.71on ports8080,8081, and8091. - The Miasma runtime establishes resilient C2 communication channels and has capabilities for credential harvesting, encrypted exfiltration, and supply-chain propagation, though some modules were disabled in this observed build.
Impact
The compromise of AsyncAPI npm packages directly impacts developer workstations, CI/CD pipelines, container builds, and production services that resolved and imported the affected versions. The Miasma modular runtime establishes persistent access and active command and control, posing a significant risk for further exploitation, including potential credential harvesting, data exfiltration, and lateral movement within compromised environments. Microsoft Defender Antivirus detects the malicious artifacts as Trojan:JS/MiasmStealer.SC and Trojan:Script/Supychain.A. If successful, this supply chain attack could lead to widespread code integrity issues, intellectual property theft, and unauthorized access to development infrastructure.
Recommendation
- Immediately remove all five affected package versions:
@asyncapi/specs@6.11.2-alpha.1,@asyncapi/specs@6.11.2,@asyncapi/generator@3.3.1,@asyncapi/generator-components@0.7.1, and@asyncapi/generator-helpers@1.1.1. - Purge npm and Yarn caches on all affected systems to ensure no cached malicious packages are re-installed.
- Hunt for the
sync.jsfile under "NodeJS" masquerade directories across developer workstations and CI/CD environments usingDetect Miasma sync.js Payload DropSigma rule. - Block outbound connections to
85.137.53.71on ports8080,8081, and8091at your network perimeter usingDetect Miasma C2 Network ConnectionSigma rule. - Rotate all credentials (including GitHub Personal Access Tokens and npm authentication tokens) that were accessible from any environment or service that imported the compromised packages.
- Deploy the Sigma rules in this brief to your SIEM and tune for your environment to detect
Miasmaactivity.
Detection coverage 2
Detect Miasma sync.js Payload Drop
highDetects the creation of the Miasma second-stage payload, sync.js, in suspicious 'NodeJS' masquerade directories as described in the AsyncAPI compromise.
Detect Miasma C2 Network Connection
criticalDetects outbound network connections to the identified Miasma command and control (C2) server IP and ports associated with the AsyncAPI npm compromise.
Detection queries are available on the platform. Get full rules →
Indicators of compromise
1
1
file_name
1
ip
| Type | Value |
|---|---|
| ip | 85.137.53.71 |
| file_name | sync.js |
| npm-oidc-no-reply@github.com |