Miasma Attack Toolkit Leaked on GitHub
The complete toolkit for the Miasma supply-chain attack has been open-sourced on GitHub. The self-spreading malware, which previously targeted open-source projects, can now be used to execute various attacks, including credential theft and AI tool poisoning. The leak follows a trend of malicious tools being released publicly, raising concerns about broader cyber threats.
Key points
- The full toolkit for the Miasma supply-chain attack has been publicly released on GitHub as open-source code.
- Miasma is a self-spreading malware that targets open-source projects and can execute various attacks via stolen credentials.
- Attack vectors include poisoning AI coding tools, lateral movement using SSH, and targeting public package registries.
- The leak occurred recently, with malicious repositories appearing on GitHub starting Monday, and has been noted by security firm SafeDep.
- This release follows a pattern of malicious cyber tools being made open-source, potentially increasing their widespread use.
The entire toolkit behind the Miasma supply-chain attack has been made available as open-source code on GitHub. The self-spreading malware, which has previously affected numerous open-source projects, is now more widely accessible and could be used in a broader range of attacks.
Security researchers from SafeDep discovered repositories containing the Miasma source code on Monday, labeling them "Miasma-Open-Source-Release." Analysis revealed the toolkit is capable of executing a range of attacks, including leveraging stolen credentials against packages on registries like PyPI and npm, as well as targeting AI coding tools and enabling lateral movement via SSH. This release expands the potential scope of Miasma's impact beyond its initial targets.
The open-sourcing of such attack tools is a growing concern in the cybersecurity landscape. This incident echoes previous events, such as the public release of the Shai-Hulud worm toolkit and subsequent copycat poisonings. The trend raises alarms about the potential for increased sophistication and proliferation of supply-chain attacks.
The WireByte editorial team synthesises technology news from multiple primary sources, verifies the facts, and links every source. Articles are produced with AI assistance and reviewed under our editorial policy.