On June 1, 2026, more than 30 of Red Hat's packages under the @redhat-cloud-services namespace on npm were found to carry malicious payloads from a variant of the Mini Shai-Hulud open-source worm. The attackers bypassed the normal security review by compromising the OIDC tokens used by GitHub Actions, which let them inject malicious code directly through the legitimate release channel.

The malicious packages added a preinstall script to package.json, so a 4.2 MB multi-layer obfuscated payload ran automatically during the npm install phase. The payload decrypted and executed its attack code via the Bun runtime. It systematically stole GitHub tokens, cloud platform keys (AWS/GCP/Azure), infrastructure secrets (Kubernetes/Vault) and developer toolchain credentials (npm/PyPI/SSH), and widened its reach by scanning credential management platforms such as AWS Secrets Manager and Azure Key Vault. On GitHub Actions, it read live secret values directly from process memory, bypassing log masking. Stolen data was sent to attacker-controlled servers disguised as legitimate requests, and compromised GitHub accounts were used to create public repositories named 'Miasma: The Spreading Blight' to hold the stolen credentials.

The worm persisted on Linux and macOS by registering system services or property list (plist) files so that it ran at startup, and it modified the configuration of AI developer tools such as Claude and Codex to plant tasks that executed automatically whenever a folder was opened in VS Code.

The attack exposed a complete modern software supply-chain attack chain spanning developer machines, CI/CD pipelines, GitHub Actions, npm publishing permissions and cloud service credentials: a single compromised release node could spread across the ecosystem through ordinary distribution mechanisms.
