While Blue Origin investigates the root cause behind last night's spectacular explosion of its New Glenn rocket, it's already clear that this will be a major setback for NASA's Moon base plans and Amazon's fledgling Leo space internet constellation.

The incident occurred at about 9pm at Blue Origin's Florida launch site during a hot-fire test, where seven engines in the booster stage are lit while keeping the 322-foot-tall rocket fixed to the launchpad. The explosion and ensuing fireball severely damaged the only launchpad Blue Origin has for its New Glenn rocket.

Read the full story at The Verge.

Microsoft has identified an active supply chain attack targeting the npm package ecosystem. On May 28, 2026, a single threat actor operating under the newly created maintainer alias vpmdhaj (a39155771@gmail[.]com) published 14 malicious packages within a four-hour window. The packages typosquat well-known OpenSearch, ElasticSearch, DevOps, and environment-configuration libraries, and several spoof the upstream OpenSearch project’s repository URL in their package.json to appear legitimate. Once installed, the packages harvest AWS credentials, HashiCorp Vault tokens, and CI/CD pipeline secrets from the host environment.

All packages in the cluster ship the same install-time stager and the same Bun-compiled second-stage payload – a ~195 KB credential harvester purpose-built for cloud and CI/CD environments. The payload runs silently during npm install and targets credentials across Amazon Web Services, HashiCorp Vault, GitHub Actions, and the npm registry itself, enabling both cloud lateral movement and downstream supply-chain pivoting through stolen npm publish tokens. Based on our investigation and feedback to the npm team these repos and users were taken down.

Key capabilities observed in the campaign include automatic execution via npm lifecycle hooks, two distinct stager generations (an HTTP-C2 variant and a stealthier variant that abuses the legitimate Bun runtime distribution), AWS Instance Metadata Service (IMDSv2) and ECS task-role theft, AWS Secrets Manager enumeration across 16+ regions, HashiCorp Vault token harvesting, and theft of npm publish tokens for follow-on supply-chain attacks.

Attack chain overview

The vpmdhaj cluster spans 14 scoped and unscoped packages that all mimic the @opensearch / @elastic ecosystem. The attack proceeds through:

• Publication of 14 typosquat packages under a single actor identity
• Automatic payload execution through a preinstall hook during npm install
• Execution chain (Gen-1): node -> preinstall.js -> HTTP C2 -> payload.bin (detached)
• Execution chain (Gen-2): node -> setup.mjs -> download legitimate Bun runtime -> run bundled stage-2
• Cloud credential theft (AWS IMDS, ECS metadata, Vault, Secrets Manager) and npm publish-token theft for downstream supply-chain pivot

The lure: typosquats and spoofed metadata

The actor adopted three social-engineering techniques designed to drive installs by mistake or trust transference. First, lookalike naming – names such as opensearch-setup, opensearch-setup-tool, opensearch-config-utility, elastic-opensearch-helper, search-engine-setup, and env-config-manager mimic well-known cluster-management and configuration libraries. Second, spoofed upstream metadata – every unscoped package sets its package.json homepage, repository, and bugs fields to the legitimate github.com/opensearch-project/opensearch-js project. Third, inflated version numbers – releases jump straight to 1.0.7265, 1.0.9108, or 2.1.9201 to suggest a long, mature release history.

Execution: npm lifecycle hook abuse

Every package in the cluster declares an automatic install-time hook in package.json. The malicious code executes the moment a victim runs npm install – no require() from victim code is needed. Two stager variants were observed:

• Gen-1 (versions <= 1.0.7265): install, preinstall, and postinstall hooks all invoke preinstall.js / index.js
• Gen-2 (versions >= 1.0.7266): a single preinstall hook invokes setup.mjs (newer, stealthier loader)

Gen-1 stager: HTTP C2 beacon and payload drop

preinstall.js collects rich host context – hostname, platform, arch, Node version, USER/USERNAME, cwd, INIT_CWD, npm_package_name, npm_package_version – base64-encodes the JSON, and POSTs it to the actor’s C2 with a campaign-unique header X-Supply: 1. The same C2 endpoint then serves a gunzip-compressed second-stage binary, which is written to payload.bin in the package install directory, chmod 0755’d, and spawned detached.

The package’s index.js re-launches the same payload.bin on every subsequent require() of the module – a quiet persistence mechanism that survives across CI build stages and developer rebuild loops. The module also exports a benign-looking object falsely identifying itself as @opensearch/setup.

Gen-2 stager: abusing the legitimate Bun runtime as a loader

In newer versions, the actor replaced the noisy HTTP-C2 design with a stealthier loader that eliminates the install-time C2 round-trip entirely. setup.mjs (a) checks whether bun is already present on the host; (b) if not, downloads the legitimate Bun runtime v1.3.13 from github.com/oven-sh/bun/releases for the correct platform/arch (Linux x64/musl/aarch64, macOS x64/arm64, Windows x64/arm64); (c) extracts the ZIP using unzip, PowerShell Expand-Archive, or a hand-rolled ZIP parser; and (d) executes the pre-bundled second-stage payload (opensearch_init.js or ai_init.js) that ships inside the npm tarball.

This design reduces visibility for defenders that primarily monitor unusual outbound traffic during package installation.

Credential theft

The second-stage binary is a single-file Bun-compiled JavaScript binary of approximately 195 KB, purpose-built for cloud and CI/CD secret theft. Static review of the bundle identifies routines that target secrets across five platforms:

• AWS: queries EC2 Instance Metadata Service v2 (169.254.169[.]254), Elastic Container Service task metadata (169.254.170[.]2), reads AWS env credentials, calls STS GetCallerIdentity / AssumeRole, and enumerates Secrets Manager (ListSecrets / GetSecretValue) across 16+ regions with a bundled SigV4 signer.
• HashiCorp Vault: reads VAULT_TOKEN and VAULT_AUTH_TOKEN environment variables.
• npm: validates tokens through /-/whoami and enumerates publish access through /-/npm/v1/tokens.
• GitHub Actions: collects GITHUB_REPOSITORY and RUNNER_OS context to identify build environments for prioritized exploitation.
• CI/CD environment: respects __DAEMONIZED=1 to avoid re-entry, and explicitly resets CI=false to mislead build-aware code paths.

Impact and blast radius

• Stolen AWS STS sessions and Secrets Manager material enable cloud lateral movement and data theft.
• Stolen GitHub Actions tokens enable repo manipulation and CI/CD pipeline tampering.
• Stolen npm publish tokens enable downstream supply-chain pivoting – pushing malicious updates to packages owned by hijacked maintainer identities, expanding the campaign beyond the initial 14 packages.
• All 14 packages target the OpenSearch / ElasticSearch ecosystem keywords, suggesting the actor likely chose a developer audience to have AWS and Elastic cloud credentials in their environments.

Mitigation and protection guidance

Microsoft recommends the following mitigations to reduce the impact of this threat:

• Identify systems that installed or built affected package versions on or after May 28, 2026.
• Pin known-good package versions where possible and avoid automatic dependency upgrades until validation is complete.
• Disable pre- and post-installation script execution by running npm install with –ignore-scripts (or setting npm config set ignore-scripts true globally). Apply equivalent settings for pnpm and yarn.
• Rotate AWS IAM/STS, HashiCorp Vault, npm publish, and GitHub Actions tokens that may have been exposed to affected runners or developer workstations.
• Block egress to aab.sportsontheweb[.]net at proxy, firewall, and DNS layers. Alert on any HTTP request carrying the header X-Supply: 1.
• Hunt CloudTrail for anomalous sts:GetCallerIdentity rapidly followed by sts:AssumeRole, and for secretsmanager:ListSecrets or GetSecretValue in cross-region succession from build infrastructure or developer IP space.
• Audit CI/CD logs for unexpected outbound network connections, Bun runtime downloads from GitHub Releases by Node.js processes, and detached child processes spawned with __DAEMONIZED=1.
• Review npm package lockfiles (package-lock.json, yarn.lock, pnpm-lock.yaml), build logs, and artifact provenance for evidence of compromised package versions.
• Enable cloud-delivered protection in Microsoft Defender Antivirus or equivalent antivirus protection.
• Use Microsoft Defender XDR to investigate suspicious activity across endpoints, identities, cloud apps, and developer environments.
• Use Microsoft Defender Vulnerability Management to search for the affected packages across your estate.

How Microsoft Defender helps

Microsoft Defender Antivirus detects and blocks the malicious components on access. During reproduction in our analysis environment, setup.mjs was automatically quarantined the moment the tarball was extracted to disk.

Microsoft Defender XDR Detections

Microsoft Defender XDR customers can refer to the list of applicable detections below. Microsoft Defender XDR coordinates detection, prevention, investigation, and response across endpoints, identities, email, and apps to provide integrated protection against attacks like the threat discussed in this blog.

Advanced hunting

The following sample queries let you search for a week’s worth of events. To explore up to 30 days of raw data, go to the Advanced Hunting page > Query tab, and update the time range to Last 30 days.

Hunt for suspicious npm lifecycle script execution involving vpmdhaj packages.

DeviceProcessEvents
| where Timestamp > ago(7d)
| where FileName in~ ("node.exe", "node", "npm.cmd", "npm.exe", "npx.cmd", "npx.exe")
| where ProcessCommandLine has_any ("preinstall", "postinstall", "install")
| where ProcessCommandLine has_any (
    "@vpmdhaj", "opensearch-setup", "opensearch-setup-tool",
    "opensearch-config-utility", "opensearch-security-scanner",
    "search-engine-setup", "search-cluster-setup",
    "elastic-opensearch-helper", "vpmdhaj-opensearch-setup",
    "env-config-manager", "app-config-utility")
| project Timestamp, DeviceName, FileName, ProcessCommandLine,
          InitiatingProcessFileName, InitiatingProcessCommandLine, AccountName

Hunt for the stage-2 payload artifact on disk.

DeviceFileEvents
| where Timestamp > ago(7d)
| where FileName =~ "payload.bin"
| where FolderPath has "node_modules"
| project Timestamp, DeviceName, FolderPath, FileName,
          InitiatingProcessFileName, InitiatingProcessCommandLine, AccountName

Hunt for detached payload execution with the campaign environment marker.

DeviceProcessEvents
| where Timestamp > ago(7d)
| where ProcessCommandLine has "__DAEMONIZED=1"
   or InitiatingProcessCommandLine has "__DAEMONIZED=1"
| project Timestamp, DeviceName, FileName, ProcessCommandLine,
          InitiatingProcessFileName, InitiatingProcessCommandLine

Hunt for Gen-2 loader: Bun runtime download from GitHub Releases by Node.js.

DeviceNetworkEvents
| where Timestamp > ago(7d)
| where InitiatingProcessFileName in~ ("node.exe", "node")
| where RemoteUrl has "github.com/oven-sh/bun/releases/download"
| project Timestamp, DeviceName, RemoteUrl, RemoteIP,
          InitiatingProcessFileName, InitiatingProcessCommandLine, AccountName

Hunt for C2 beacon to attacker infrastructure.

DeviceNetworkEvents
| where Timestamp > ago(30d)
| where RemoteUrl has "aab.sportsontheweb.net"
   or RemoteUrl has "sportsontheweb.net"
| project Timestamp, DeviceName, RemoteUrl, RemoteIP,
          InitiatingProcessFileName, InitiatingProcessCommandLine, AccountName

Hunt for AWS IMDS / ECS metadata access from Node.js processes.

DeviceNetworkEvents
| where Timestamp > ago(7d)
| where InitiatingProcessFileName in~ ("node.exe", "node", "bun.exe", "bun")
| where RemoteIP in ("169.254.169.254", "169.254.170.2")
| project Timestamp, DeviceName, RemoteIP, RemoteUrl,
          InitiatingProcessFileName, InitiatingProcessCommandLine, AccountName

Indicators of Compromise (IOC)

Affected npm packages – all published by maintainer vpmdhaj on 2026-05-28:

Actor, network, and file IOCs

References

• https://www.npmjs.com/~vpmdhaj  –  npm maintainer profile (all 14 packages)
• https://www.npmjs.com/package/@vpmdhaj/elastic-helper
• https://www.npmjs.com/package/@vpmdhaj/devops-tools
• https://docs.npmjs.com/cli/v10/using-npm/scripts  –  npm lifecycle scripts documentation
• https://bun.sh  –  Bun runtime (abused by Gen-2 stager as a loader)
• https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/configuring-IMDS-use-IMDSv2.html  –  IMDSv2 hardening guidance

This research is provided by Microsoft Defender Security Research with contributions from members of Microsoft Threat Intelligence.

Learn more

For the latest security research from the Microsoft Threat Intelligence community, check out the Microsoft Threat Intelligence Blog.

To get notified about new publications and to join discussions on social media, follow us on LinkedIn, X (formerly Twitter), and Bluesky.

To hear stories and insights from the Microsoft Threat Intelligence community about the ever-evolving threat landscape, listen to the Microsoft Threat Intelligence podcast.

Review our documentation to learn more about our real-time protection capabilities and see how to enable them within your organization.   

• Microsoft 365 Copilot AI security documentation 
• How Microsoft discovers and mitigates evolving attacks against AI guardrails 
• Learn more about securing Copilot Studio agents with Microsoft Defender  
• Evaluate your AI readiness with our latest Zero Trust for AI workshop.
• Learn more about Protect your agents in real-time during runtime (Preview)
• Explore how to build and customize agents with Copilot Studio Agent Builder 

The post Typosquatted npm packages used to steal cloud and CI/CD secrets appeared first on Microsoft Security Blog.

Strategic Technology Consultation Services

This episode of The Modern .NET Show is supported, in part, by RJJ Software's Strategic Technology Consultation Services. If you're an SME (Small to Medium Enterprise) leader wondering why your technology investments aren't delivering, or you're facing critical decisions about AI, modernization, or team productivity, let's talk.

Show Notes

"It is providing you a… unified stack, a cloud ready stack for building distributed applications where the configuration… you can say the configuration files that we usually maintain, like YAML files, XML files, json files. So it is generally taken care of those nitty gritties."— Joydip Kanjilal

Hey everyone, and welcome back to The Modern .NET Show; the premier .NET podcast, focusing entirely on the knowledge, tools, and frameworks that all .NET developers should have in their toolbox. I'm your host Jamie Taylor, bringing you conversations with the brightest minds in the .NET ecosystem.

Today, Joydip Kanjilal returned to the show to talk about Aspire and where it fits in the modern enterprise application stack. We also talk about how Aspire isn't just for microservices or nanoservices, it will work quite well with modular monoliths, too. As long as your application code isn't highly coupled.

"Maintaining large scale distributed systems requires deep visibility into… how the services are interacting, how the services are behaving over a period of time. So that helps enterprises to understand how the applications are behaving. If something goes wrong, what went wrong? Why is it that the application is not being able to scale? why is it not… able to handle, more you know, requests in a specific period? What are the security loopholes and everything?"— Joydip Kanjilal

One side note: we recorded this episode shortly before Aspire was rebranded from ".NET Aspire". So if you're listening in wondering, "wait. That's not what it's called," please bear with us because we both used the old branding for half of the episode. Let's hope that the PM for Aspire, Maddy Montaquila, doesn't notice. Sorry Maddy.

Before we jump in, a quick reminder: if The Modern .NET Show has become part of your learning journey, please consider supporting us through Patreon or Buy Me A Coffee. Every contribution helps us continue bringing you these in-depth conversations with industry experts. You'll find all the links in the show notes.

Anyway, without further ado, let's sit back, open up a terminal, type in `dotnet new podcast` and we'll dive into the core of Modern .NET.

Full Show Notes

The full show notes, including links to some of the things we discussed and a full transcription of this episode, can be found at: https://dotnetcore.show/season-8/aspirifying-the-enterprise-building-modern-apps-with-aspire-with-joydip-kanjilal/

Useful Links:

• Joydip's website
• Joydip's blog
• Joydip's GitHub
• Joydip's newsletter

Supporting the show:

• Leave a rating or review
• Buy the show a coffee
• Become a patron

Getting in Touch:

• Via the contact page
• Joining the Discord

Remember to rate and review the show on Apple Podcasts, Podchaser, or wherever you find your podcasts, this will help the show's audience grow. Or you can just share the show with a friend.

And don't forget to reach out via our Contact page. We're very interested in your opinion of the show, so please get in touch.

You can support the show by making a monthly donation on the show's Patreon page at: https://www.patreon.com/TheDotNetCorePodcast.

Music created by Mono Memory Music, licensed to RJJ Software for use in The Modern .NET Show.

Editing and post-production services for this episode were provided by MB Podcast Services.

This week, we discuss the Cloudflare CEO's op-ed, upcoming tech IPOs and GitHub getting breached. Plus, ranking our favorite manifestos.

Watch the YouTube Live Recording of Episode 573

Runner-up Titles

• We’re not making money so we can’t put in place the enshitification strategy.
• Go easy on the AI
• I hope they’re not using PowerPoint in the Vatican
• I didn’t’ come here to talk about the Pope
• I should take more showers
• I came to measure and chew bubblegum
• Matt Ray Dalio is not a wave rider.
• Usability golf
• No dependencies, no problems
• Peak Software
• We are a safe haven for measures
• Tools and Rules

Rundown

• Layoffs
  • How do AI Layoffs Work? Some Speculation.
  • How I Choose Which Cloudflare Employees to Replace With AI
• Revenue and IPO
  • Anthropic is paying SpaceX $15 billion per year
  • OpenAI Prepares to File to Go Public in Coming Weeks
  • SpaceX TAM - $28.5 trillion. US GDP - $31 trillion.
• GitHub Got Hacked. The AI Security Arms Race is Here
  • NHS Pulls OSS
  • Wiz + Anthropic: Claude Enterprise Meets the Security Graph | Wiz Blog

Relevant to your Interests

• Grafana breach caused by missed token rotation after TanStack attack
• Introducing UniFi 5G Backup
• SpaceX not the behemoth everyone thought
• Microsoft admits its "infuriating" floating AI button was a mistake
• Microsoft admits forcing the floating Copilot button on Office users was a mistake—but engagement went up anyway
• IBM and U.S. Department of Commerce Announce America’s First Purpose-Built Quantum Foundry, Supported by Proposed $1 Billion CHIPS Award
• Microsoft open-sources "the earliest DOS source code discovered to date"
• [Blackstone and Google launch $5B TPU cloud venture with 500MW of AI capacity](https://www.edgeir.com/blackstone-and-google-launch-5b-tpu-cloud-venture-with-500mw-of-ai-capacity-20260525#:~:text=Blackstone%20and%20Google%20are%20forming,Tensor%20Processing%20Units%20(TPUs)
• What It Takes to Preserve Floppy Disks
• U.S. companies have an AI problem. Indian IT wants to be the solution
• Audio-generation app Huxe, founded by former NotebookLM developers, shuts down
• Spotify adds AI-powered Q&A and briefing generation features to podcasts

Sponsors

• Sentry - Quit Buggin': use code sdt26 for $100 in credit for new customers

Nonsense

• GE’s nugget ice maker is nearly half off if you buy it refurbished
• Watch: Drones crash into water after Sydney light show malfunction
• America the Tasty: The Best Breakfast in Every State

Listener Feedback

• Jason built the DepartTime App iPhone App

Conferences

• VMware User Group, Dallas, June 9-11, 2026
• WeAreDevelopers Europe, July 8-10, 2026 Berlin, Coté speaking.
• DevOpsDays Graz, Sept 4-5, 2026
• DevOpsDays Rockies, Sept. 22 – 23, 2026, Discount Code: 26DODSWEDEFTALK
• WeAreDevelopers NA, Sept 23-25, 2026, Discount Code: DEVPOD26
  • 25 Free Tickets
• DevOpsDays Dallas, Sept 28-29, 2026
• DevOpsDays Vilnius, Sep 30 - Oct 1, 2006
• DevOpsDays Istanbul, Oct 24th, 2026 , Coté keynoting.
• VMware User Group, Orlando, Oct 20-22, 2026

SDT News & Community

• Join our Slack community
• Email the show: questions@softwaredefinedtalk.com
• Free stickers: Email your address to stickers@softwaredefinedtalk.com
• Follow us on social media: Twitter, Threads, Mastodon, LinkedIn, BlueSky
• Watch us on: Twitch, YouTube, Instagram, TikTok
• Book offer: Use code SDT for $20 off "Digital WTF" by Coté
• Sponsor the show
• Sponsor more podcasts with Failover Media

Recommendations

• Brandon: Trek Austin
• Matt: VESA
• Coté:
  • AI-Generated Summaries
  • Table for Two
  • Slim Daddy’s Repair

Sponsored By:

• Sentry: Sentry - use the code: sdt26 for $100 in Sentry credits for new users

Claude Opus 4.8 was published yesterday, and it was made available also via Microsoft Foundry. You can deploy Claude Opus 4.8 to Global Standard region.

Claude Opus 4.8 is our most intelligent Opus model and the best generally available model for coding and agents, with deeper reasoning for enterprise workflows.

Training cut-off date: January 2026

Key model capabilities

• Adaptive thinking is an upgrade to extended thinking that gives Claude the freedom to think as much or as little as needed depending on the task and effort level. We’ve also introduced a new effort level, xhigh.
• 1M context window: Claude Opus 4.8 supports a 1M token context window, enabling reasoning over entire codebases and carrying multi-day project context forward without frequent compaction.
• High-resolution image input: Claude Opus 4.8 processes images at up to 2576px / 3.75MP delivering sharper results on screenshots, documents, and computer use.

Claude Opus 4.8. It builds on Opus 4.7 with improvements across benchmarks, and is a more effective collaborator. It’s available today for the same price.

Opus 4.8 launches alongside several new features. Users on claude.ai now have control over the amount of effort Claude puts into a task. Claude Code has a new “dynamic workflows” feature that allows it to tackle very large-scale problems. And fast mode for Opus 4.8—where the model can work at 2.5× the speed—is now three times cheaper than it was for previous models.

Introducing Claude Opus 4.8 \ Anthropic

Input formats

Image & text input: With powerful vision capabilities, Claude Opus 4.8 can process images and return text outputs to analyze and understand charts, graphs, technical diagrams, reports, and other visual assets.

Text output: Claude Opus 4.8 can output text of a variety of types and formats, such as prose, lists, Markdown tables, JSON, HTML, code in various programming languages, and more.

Pricing

Information from Microsoft Learn:

To use Claude models in Microsoft Foundry, you must have a paid Azure subscription with a billing account in a country or region where Anthropic offers the models for purchase. 

The following subscription types are currently not supported:

• Enterprise Accounts located in South Korea
• Cloud Solution Provider subscriptions
• Azure subscriptions that don’t have an active pay-as-you-go billing method (for example, student, free trial, or startup credit–based accounts)
• Sponsored subscriptions that only use Azure credits. Note: If you have an account with a credit card on file, the credit card will be charged instead of Azure Credits.

Please do note that note. If you are like me who has sponsored subscription with Azure credits: deploying and using Claude models will be charged on your credit card instead of your subscription credits.

System Card and more resources

• Deploy and use Claude models in Microsoft Foundry (preview)
• Learn more about Claude Opus 4.8 from it’s system card.
• Claude Documentation : Visit Claude documentation for a wealth of resources on model capabilities, prompting techniques, use case guidelines, and more.
• Adaptive Thinking Guide : Understand how best to use adaptive thinking with Claude.
• Claude Prompting Resources : Check out Anthropic’s prompting tools and guides to learn how to craft prompts that elicit more helpful, nuanced responses.
• Claude Cookbooks : Check out example code for a variety of complex tasks, such as RAG from various web sources, making SQL queries, function calling, multimodal prompting, and more.