Skip to content
What the Miasma campaign reveals about the new supply chain threat model and the underground market for developer credentials A stolen session cookie sat in underground markets for seven weeks before attackers used it to poison 32 Red Hat packages in the npm software registry, an example of the industrial approach behind modern supply chain attacks. Key takeaways - Miasma is a self-propagating npm...