{"name":"MIASMA_WAVE2_BINDINGYP_2026 - campaign","description":"# Executive Threat Brief — MIASMA_WAVE2_BINDINGYP_2026\n\nMiasma is back. The same credential-stealing worm that compromised 32 Red Hat Cloud Services npm packages on June 1, 2026 has launched a second wave targeting high-download packages across the npm ecosystem, with confirmed hits on @vapi-ai/server-sdk (71,000 weekly downloads) and ai-sdk-ollama (31,000 weekly downloads), alongside 55 additional packages accumulating 647,000 total monthly downloads.\n\nThe key technical change in this wave: execution now runs through a preconfigured binding.gyp file, exploiting node-gyp's native build mechanism to silently run malware at install time. This bypasses monitoring rules and scanner signatures built around the scripts field in package.json.\n\nMalware capabilities are unchanged from Wave 1: GitHub tokens, npm tokens, AWS, GCP, and Azure credentials, and local environment information are all targets. The campaign self-identifies as 'Miasma – The Spreading Blight'. The first confirmed infection on GitHub occurred at 02:46:12 +0800 on June 4, 2026. Attribution links to the same GitHub account (windy629) documented in prior Shai-Hulud analysis. Over 118 infected repositories containing stolen credentials have been identified.\n\nZero-CVE Gap: No CVE, GHSA, or OSV record exists for any compromised package in this wave. Scanner workflows dependent on CVE assignment have no detection surface.\n\nTotal affected packages: 57. Total monthly downloads affected: 647,204."}