Miasma npm Supply Chain Attack: Self-Spreading Worm via Phantom Gyp
A self-replicating worm named Miasma is spreading across the npm registry by injecting malicious code into binding.gyp files, which execute during npm install without requiring package.json script modifications. The attack has already compromised dozens of packages across multiple maintainer accounts and evades conventional security detection.
- Disclosed: June 4, 2026
- Last updated: June 7, 2026
- Blast radius: Multiple npm packages and maintainer accounts compromised; self-spreading mechanism increases exposure across the ecosystem
- Ecosystems: npm
- Attack vectors: Malicious code injected into binding.gyp and executed during npm install; self-replicating worm; maintainer account compromise
- Affected entities: Multiple npm packages. Dozens of packages compromised via binding.gyp injection; specific package names not disclosed in source
StepSecurity reported a novel npm supply chain attack named Miasma that uses binding.gyp files to execute arbitrary code during the npm install phase. Unlike traditional npm attacks that add hooks to the scripts block of package.json, this method abuses the native module build step: when a package ships a binding.gyp and defines no install or preinstall script, npm itself runs `node-gyp rebuild` as the default install command, so the attacker needs no package.json change at all and scanners that only inspect package.json scripts see nothing.
The attack operates as a self-replicating worm, propagating itself to further packages and compromising multiple maintainer accounts. binding.gyp, the build configuration file for native C++ addons, is scrutinized far less often than package.json, which is what lets the technique slip past conventional detection.
As of the disclosure date, the attack had already compromised dozens of packages within the npm ecosystem. The self-spreading nature of the worm indicates an active and ongoing threat that could rapidly escalate across dependent projects.
Remediation
- Immediately audit npm packages with native module dependencies (those using binding.gyp)
- Review binding.gyp file contents in installed packages for anything that runs a command during the build, such as GYP command expansions (`<!(...)`, `<!@(...)`) and `actions` entries, and for sources or scripts that do not belong to the addon
- Monitor for unexpected network connections or system modifications post-npm install
- Update npm audit tools and security scanners to detect binding.gyp-based attacks
- Consider temporarily blocking installation of packages that ship a binding.gyp until they have been reviewed
- Review npm account security and enable two-factor authentication on maintainer accounts
- Check package integrity and look for recent unauthorized commits or releases
Cite this entry
"Miasma npm Supply Chain Attack: Self-Spreading Worm via Phantom Gyp." supplychainattack.org, Supply Chain Attack Incident Catalog. Disclosed June 4, 2026; last updated June 7, 2026. https://supplychainattack.org/incident/miasma-npm-supply-chain-attack-self-spreading-worm-via-phantom-gyp-1b4n1o
Related incidents
- Supply Chain Campaign Targets SAP npm Packages with Credential-Stealing Malware
  A supply chain campaign dubbed "Mini Shai Hulud" targeted SAP npm packages with malicious versions containing credential-stealing malware. The campaign follows patterns similar to previous Shai-Hulud attacks.
  Ecosystem: npm. Vectors: Compromised package; Malicious commit. Status: contained. Severity: critical.
- Trivy Compromised: Everything You Need to Know about the Latest Supply Chain Attack
  On March 19, 2026, threat actors attributed to "TeamPCP" injected credential-stealing malware into Aqua Security's Trivy scanner and related GitHub Actions. The compromise affected the supply chain of a widely-used container security tool, potentially exposing credentials and secrets in CI/CD environments.
  Ecosystems: Container registry; Other. Vectors: Compromised package; Malicious commit. Status: active. Severity: critical.
- Malware in @doaction/auth
  Malware discovered in the npm package @doaction/auth. Systems with this package installed are considered fully compromised and require immediate remediation.
  Ecosystem: npm. Vector: Compromised package. Status: contained. Severity: critical.
- Malware in @doaction/shared
  Malware was discovered in the npm package @doaction/shared. Systems with this package installed are considered fully compromised and require immediate remediation.
  Ecosystem: npm. Vector: Compromised package.