Miasma, the supply-chain worm that has hit more than 100 Red Hat and Microsoft open-source projects, is now available as open source on GitHub. The publication, which came via four previously compromised developer accounts on Monday June 8, 2026, does more than expand who can run the worm. It lowers the engineering cost of a full supply-chain attack to a single download.
The release was not a single repository but a set of repositories spread across several accounts. Repos under names like "Miasma-Open-Source-Release" began appearing on June 8, pushed from four GitHub accounts that had already been compromised before this week. SafeDep, the company behind the open-source supply-chain security product Package Management Guard (PMG), spotted the repos, analyzed at least one before GitHub removed it, and is named as the on-record researcher in The Register's writeup of the incident. Wiz principal threat researcher Rami McCarthy, also speaking to The Register, named the four previously compromised accounts as the publication vector.
What SafeDep pulled from the repositories is not a single worm. It is a full supply-chain attack toolkit. The code lets operators use stolen credentials to target arbitrary or specifically chosen packages on PyPI, npm, and RubyGems, to push into JFrog Artifactory instances, to compromise GitHub repositories, to abuse GitHub Actions, to poison AI coding-tool configuration files, and to move laterally over SSH. Each of those is a known attack surface. Bundled into a single downloadable kit, with a self-spreading worm at its center, the combination removes the assembly work a copycat would otherwise have to do.
The lineage matters for understanding the risk. Miasma itself had already hit more than 100 Red Hat and Microsoft open-source projects before the publication, and Socket was tracking 473 affected package artifacts as of Tuesday, per The Register's reporting. The release also sits inside a longer contest: TeamPCP's open-sourced Mini Shai-Hulud worm and a BreachForums supply-chain attack contest that have been seeding tooling into the open for months. Miasma, now public, is the most general-purpose artifact in that lineage so far.
The constructive side of an open-source release is real. SafeDep got an analysis window before GitHub took down at least one repo, which means detections, signatures, and hunt hypotheses can be written against a known codebase rather than against a black-box campaign. Defenders who pull the SafeDep and Socket indicators into their SIEM queries this week will be hunting with better data than they had on Monday.
The cost side is the part defenders cannot fix with a detection rule. Mini Shai-Hulud was a targeted campaign run by a specific group. Miasma, now public, is a reproducible commodity. Any actor with a previously burned developer account, anyone touched by Shai-Hulud, TeamPCP, or Megalodon, can stand up a copy with a single download, and the worm's self-propagation does the rest of the distribution. Open-sourcing a toolkit does not invent new attackers. It lowers the cost for the ones already in motion.
The practical posture for defenders this week is concrete. Treat any developer account that surfaced in prior supply-chain incidents as already burned: rotate credentials, audit SSH keys, review Artifactory and Actions permissions, and pull the SafeDep and Socket indicators into hunting queries. Watch for new package publications on PyPI, npm, and RubyGems that match the Miasma patterns SafeDep has documented, and pay particular attention to AI coding-tool configuration files in repositories tied to those developers, since AI tool config poisoning is a surface Miasma's code specifically targets. If your organization runs Artifactory, expect this to be a noisy week, not a quiet one.
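To make the hunting steps above concrete, here is an added example (not code from SafeDep, Socket, Wiz or The Register, and not derived from the Miasma toolkit). It runs two of the checks a blue team would script this week against a registry publish log: flagging publications by accounts already known to be burned, and flagging one identity pushing the same version to several registries in a short window, which is a heuristic for the kind of automated multi-registry push described above. It also picks out changed files that are AI coding-tool configuration files so those commits can be reviewed by hand. The log format, the account names, the package names and the list of AI config filenames are all constructed assumptions; substitute the real SafeDep and Socket indicators before using it.

```python
"""Hunt helper for the defender posture above.

Added example, not SafeDep's, Socket's or Wiz's code. The log format, the
burned-account list, the package names and the AI config filenames are
constructed assumptions; swap in the published indicators when you run it.
"""
import json
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed placeholder: accounts that surfaced in earlier incidents.
BURNED_ACCOUNTS = {"dev-alice-2024", "maint-bob"}

# Assumed project-level instruction files read by common AI coding tools;
# a poisoned one can steer the tool toward running attacker-chosen commands,
# so edits to them deserve a human review.
AI_CONFIG_FILES = {
    ".cursorrules", "CLAUDE.md", "AGENTS.md", "GEMINI.md",
    ".github/copilot-instructions.md", ".windsurfrules",
}
AI_CONFIG_DIRS = (".cursor/", ".claude/")

# Constructed sample publish log (JSON lines). Not real packages or accounts.
SAMPLE_LOG = """
{"ts": "2026-06-08T09:00:00Z", "registry": "npm", "package": "left-padder", "version": "1.4.2", "publisher": "carol"}
{"ts": "2026-06-08T09:05:00Z", "registry": "npm", "package": "fastjson-lite", "version": "2.0.1", "publisher": "dev-alice-2024"}
{"ts": "2026-06-08T09:07:30Z", "registry": "pypi", "package": "fastjson-lite", "version": "2.0.1", "publisher": "dev-alice-2024"}
{"ts": "2026-06-08T09:09:00Z", "registry": "rubygems", "package": "fastjson_lite", "version": "2.0.1", "publisher": "dev-alice-2024"}
{"ts": "2026-06-08T11:30:00Z", "registry": "pypi", "package": "reqwrap", "version": "0.9.0", "publisher": "dave"}
{"ts": "2026-06-08T11:31:00Z", "registry": "npm", "package": "reqwrap", "version": "0.9.0", "publisher": "dave"}
"""


def parse_publish_log(text):
    """Parse JSON-lines publish events, converting the timestamp to datetime."""
    events = []
    for line in text.strip().splitlines():
        if not line.strip():
            continue
        ev = json.loads(line)
        ev["ts"] = datetime.fromisoformat(ev["ts"].replace("Z", "+00:00"))
        events.append(ev)
    return events


def hunt_publishes(events, burned=BURNED_ACCOUNTS,
                   window=timedelta(minutes=15), min_registries=3):
    """Return findings as tuples: burned-account publishes and cross-registry bursts.

    A burst is one publisher pushing the same version string to at least
    `min_registries` distinct registries inside `window`. This is a heuristic
    for an automated multi-registry push; tune both knobs to your baseline.
    """
    findings = []
    by_publisher = defaultdict(list)
    for ev in events:
        if ev["publisher"] in burned:
            findings.append(("burned_account", ev["publisher"],
                             ev["registry"], ev["package"]))
        by_publisher[ev["publisher"]].append(ev)

    for pub, evs in by_publisher.items():
        evs.sort(key=lambda e: e["ts"])
        for i, first in enumerate(evs):
            regs = {first["registry"]}
            for later in evs[i + 1:]:
                if later["ts"] - first["ts"] > window:
                    break
                if later["version"] == first["version"]:
                    regs.add(later["registry"])
            if len(regs) >= min_registries:
                findings.append(("cross_registry_burst", pub,
                                 first["version"], tuple(sorted(regs))))
                break  # one burst finding per publisher is enough for triage
    return findings


def ai_config_paths(changed_paths):
    """Pick out changed files that are AI coding-tool instruction/config files."""
    hits = []
    for p in changed_paths:
        norm = p[2:] if p.startswith("./") else p
        if norm in AI_CONFIG_FILES or norm.startswith(AI_CONFIG_DIRS):
            hits.append(p)
    return hits


if __name__ == "__main__":
    for finding in hunt_publishes(parse_publish_log(SAMPLE_LOG)):
        print(finding)
    print(ai_config_paths(["src/index.js", ".cursor/rules/build.mdc",
                           "CLAUDE.md", "README.md"]))
```

On the constructed log, the burned account trips the first check on all three of its pushes and also produces a single cross-registry burst finding, while the legitimate two-registry release from "dave" stays below the threshold. Feed it your registry audit export in the same shape, and raise `min_registries` or shrink `window` if your own release tooling legitimately fans out to multiple registries.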
The two open questions are the ones defenders will be asking by Friday. First, does GitHub close the loop on the four compromised accounts fast enough to matter, or do the Miasma-Open-Source-Release repos keep reappearing on new accounts the way Mini Shai-Hulud releases did? Second, does the publication force the maintainers of the 473 already-affected package artifacts into a coordinated re-publish, or do copycats stay ahead of the response? SafeDep's analysis gives blue teams a head start. The next 72 hours will show whether that head start is enough.