THE diary entry dated June 8, 2026, by Kenneth Hartman discusses ongoing developments in the TeamPCP supply chain campaign which was previously documented. Key updates include: the U.S. government's response, notably CISA adding critical vulnerabilities to its Known Exploited Vulnerabilities catalog and issuing advisories related to the campaign. A malicious npm wave, dubbed 'Miasma,' compromised numerous Red Hat packages, followed by a variant 'Phantom Gyp' that exploited a new attack vector.
The complexity and propagation of the attack have raised concerns about attribution, as similar techniques are being used by potentially unrelated attackers. Recommendations for defenders include patching vulnerabilities, auditing CI/CD practices, and enhancing monitoring for supply chain attacks.