Summary: The Miasma campaign (linked to the Mini Shai-Hulud / Hades malware family) expanded this week beyond its earlier npm-only focus to compromise LeoPlatform and RStreams npm packages, abuse GitHub Actions workflows, and extend into the Go ecosystem via the Verana Blockchain project. As reported by The Hacker News and in earlier Wiz research from the campaign’s June 1 wave, attackers are systematically chaining package registry compromise with CI/CD workflow abuse to harvest developer and maintainer credentials that propagate the campaign across entire software supply chains. This is no longer a package hygiene issue — it is a systemic risk to enterprise software delivery pipelines.

What to Do: Audit npm and Go dependencies for Miasma IOCs; check the Socket Security and Wiz advisories for specific package names. Review GitHub Actions workflow permissions for least-privilege adherence and restrict third-party action usage. Rotate developer and service account credentials used in any repository that consumes affected packages. Implement SBOM scanning with provenance verification as an ongoing pipeline control.

Read Full Research Note

Summary: A German court this week ruled Google liable for errors in its AI-generated search summaries, applying publisher-level accountability to AI-mediated content. Bruce Schneier’s June 25 analysis connects this ruling directly to the Air Canada chatbot precedent (2024) and to the emerging Visa/OpenAI agentic purchase-assistant partnership, concluding that enterprises cannot selectively honor AI-made commitments when convenient while disavowing them when not. For CISOs, the operational implications are immediate: AI agents deployed in customer-facing or contractual contexts are increasingly treated by courts as binding company representatives, with no liability shield arising from the fact that a machine made the commitment.

What to Do: Inventory all AI agents operating in customer-facing, procurement, legal, HR, or external communication workflows. Update AI acceptable use policies to include contractual and legal liability exposure language. Engage legal counsel on AI agent scope limitations, particularly before any agentic procurement or customer-service deployment. Treat AI output reliability as a legal compliance requirement equivalent to data accuracy obligations.

View Full Research Note

Summary: Three concurrent developments this cycle illuminate a new systemic risk class for enterprise CISOs. The U.S. government ordered Anthropic to suspend access to its most capable frontier models (Fable 5 and Mythos 5) for foreign nationals. China simultaneously debuted a domestic frontier-AI equivalent (“Yitian” from 360 Security) explicitly framed as a U.S. AI rival. And the EU advanced a digital sovereignty plan designed to decouple European public-sector infrastructure from U.S.-based AI providers. As analyzed in Wiz’s June 18 analysis of U.S. executive AI actions, enterprise reliance on any single frontier AI provider — or on U.S.-based frontier AI as a category — now carries geopolitical supply-chain risk with no analog in traditional vendor dependency frameworks. If a government access restriction or export control is extended to enterprise customers, organizations may lose business-critical AI capabilities with little notice and limited recourse.

What to Do: Map all critical business processes that depend on frontier AI providers. Develop multi-provider architectures with documented fallback policies. Include AI provider access risk in vendor risk management and business continuity planning frameworks. Begin evaluating open-weight model alternatives as continuity backstops for critical workflows. Engage your legal and compliance team on the implications of geopolitical AI access controls for existing enterprise agreements.

View Full Research Note