Advertisement
Security

AsyncAPI Breach Exposes CI/CD Pipeline Risk

A sophisticated supply chain attack used legitimate GitHub pipelines to push malicious code via the AsyncAPI npm namespace.

··2 hours ago·2 min read
green and black stripe textile
Photo by Markus Spiske on Unsplash
Advertisement

The security of the software supply chain has faced a rigorous test following the discovery of a multi-stage botnet loader embedded within widely used AsyncAPI packages. By leveraging the project's own automated workflows, attackers bypassed traditional detection methods to distribute malicious code that executes the moment an infected module is invoked by Node.js.

Pipeline Integrity Under Fire

The attackers did not rely on stolen tokens or compromised maintainer accounts. Instead, they secured push access to the underlying repositories, allowing them to inject code that was then distributed via legitimate GitHub Actions release pipelines. Because the publication process utilized npm's OIDC trusted-publisher integration, the resulting packages carried authentic SLSA provenance attestations, creating a false sense of security for developers and automated build systems alike.

Both attacks are CI/CD pipeline compromises, not stolen npm tokens or malicious maintainers.

— Rohan Prabhu, security researcher

Botnet Mechanics and Persistence

Once a build process calls the poisoned library, the hidden payload initiates a detached background node. This secondary process retrieves the Miasma-based framework from an IPFS-hosted URL. The malware is designed for stealth and longevity, featuring an extensive array of persistence mechanisms, including the modification of crontabs, systemd services, and Windows Registry keys to ensure the botnet survives system reboots.

  • 744 modules bundled within the tasking framework
  • 6 independent command-and-control communication channels utilized
  • 5 total malicious package versions identified and unpublished

Evasion and Operational Security

The framework is highly sensitive to its operating environment, employing a sophisticated detection suite to avoid analysis. It proactively monitors for the presence of security tools from major vendors such as CrowdStrike, Microsoft Defender, and SentinelOne. Furthermore, the malware executes a dead man's switch, which monitors for revoked tokens and triggers a directory wipe if the system security posture changes unexpectedly.

Although the malware has some similarities to the Shai-Hulud and Miasma campaigns, and it contains the Miasma string multiple times inside its code, this malware isn't the same as them, nor is it attributed to the Miasma/Shai-Hulud/TeamPCP campaigns that we've seen in the past.

— Moshe Siman Tov Bustan, OX Security

Consequences for Software Development

This incident underscores a critical shift in the threat landscape where provenance attestations are no longer sufficient to guarantee package safety. Because the malicious code is not executed during installation but during runtime, standard dependency scanners might overlook the threat if they are not monitoring for anomalous calls to external infrastructure. For organizations, this necessitates a more rigorous review of CI/CD pipeline configurations and an assumption that authorized workflows can still be subverted to facilitate malicious deployments. Treating any environment that has loaded these packages as compromised is the only secure path forward for remediation.

#supply chain attack#npm#botnet#ci/cd security#malware

Xploitwire Editorial Team

Xploitwire Newsroom

This article was researched and drafted with AI assistance and reviewed by our editorial team before publication. About Xploitwire →

← Back to all stories
Advertisement