Storia in 7 fonti

31 paquetes npm de Red Hat comprometidos roban credenciales de nube

StepSecurity detectó 31 paquetes del scope @redhat-cloud-services en npm publicados con código malicioso que roba credenciales de nube. Qué pasó y cóm

Raccontata da

Confronto fonti

6 prospettive sulla stessa storia

AI · summaries

dev.toStai leggendo1 g fa

31 paquetes npm de Red Hat comprometidos roban credenciales de nube

StepSecurity detectó 31 paquetes del scope @redhat-cloud-services en npm publicados con código malicioso que roba credenciales de nube. Qué pasó y cóm

originale

bleepingcomputer.com18 h fa

Red Hat npm packages compromised to steal developer credentials

More than 30 npm packages under Red Hat's '@redhat-cloud-services' namespace were compromised in a supply-chain attack that distributed a new variant of the Shai-Hulud credential-stealing malware, dubbed "Miasma."

Leggi questa versione → originale

ilsoftware.it1 g fa

Attacco a Red Hat: malware nascosto nei pacchetti npm, a rischio credenziali cloud

Pacchetti Red Hat Cloud Services compromessi su npm: furto di segreti CI/CD, token cloud, worm e mitigazioni.

Leggi questa versione → originale

infoworld.com18 h fa

Infected Red Hat npm packages expose developer credentials

Researchers have uncovered a new Shai-Hulud malware variant targeting Red Hat-related npm packages, spreading through software publishing ecosystems for persistence and credential theft.

Leggi questa versione → originale

securityweek.com6 h fa

Supply Chain Attack Hits 32 Red Hat NPM Packages

32 Red Hat NPM packages compromised in 72-second attack; malware steals GitHub/npm tokens, cloud credentials impacting ~10M downloads. Supply chain attack escalation; immediate credential rotation and dependency audits critical for all JavaScript-using teams.

Leggi questa versione → originale

arstechnica.com20 h fa

Dozens of Red Hat packages backdoored through its offical NPM channel

Red Hat NPM account (@redhat-cloud-services) compromised; >30 packages execute install-time malware stealing GitHub/npm/K8s/Vault secrets. The worm spreads to other accounts via infected machines, making any installation a supply-chain risk regardless of usage.

Leggi questa versione → originale

Timeline cronologica

lunedì 1 giugno 2026·dev.to
31 paquetes npm de Red Hat comprometidos roban credenciales de nube
StepSecurity detectó 31 paquetes del scope @redhat-cloud-services en npm publicados con código malicioso que roba credenciales de nube. Qué pasó y cóm
lunedì 1 giugno 2026·ilsoftware.it
Attacco a Red Hat: malware nascosto nei pacchetti npm, a rischio credenziali cloud
Pacchetti Red Hat Cloud Services compromessi su npm: furto di segreti CI/CD, token cloud, worm e mitigazioni.
lunedì 1 giugno 2026·arstechnica.com
Dozens of Red Hat packages backdoored through its offical NPM channel
Anyone who has downloaded affected Red Hat packages should investigate immediately.
lunedì 1 giugno 2026·bleepingcomputer.com
Red Hat npm packages compromised to steal developer credentials
More than 30 npm packages under Red Hat's '@redhat-cloud-services' namespace were compromised in a supply-chain attack that distributed a new variant of the Shai-Hulud…
martedì 2 giugno 2026·infoworld.com
Infected Red Hat npm packages expose developer credentials
Researchers have uncovered a new Shai-Hulud malware variant targeting Red Hat-related npm packages, spreading through software publishing ecosystems for persistence and credential…
martedì 2 giugno 2026·securityweek.com
Supply Chain Attack Hits 32 Red Hat NPM Packages
Hackers published 96 malicious versions across 32 Red Hat NPM packages in a supply chain attack similar to Mini Shai-Hulud.
martedì 2 giugno 2026·heise.de
Red-Hat-Infostealer kommt auf mehr als 100.000 Downloads
Die Managed Cloud Services von Red Hat waren das Ziel einer Lieferkettenattacke. Dahinter steckt ein Klon des npm-Wurms Mini Shai‑Hulud.

31 paquetes npm de Red Hat comprometidos roban credenciales de nube

Red Hat npm packages compromised to steal developer credentials

Attacco a Red Hat: malware nascosto nei pacchetti npm, a rischio credenziali cloud

Infected Red Hat npm packages expose developer credentials

Supply Chain Attack Hits 32 Red Hat NPM Packages

Dozens of Red Hat packages backdoored through its offical NPM channel

Timeline cronologica

31 paquetes npm de Red Hat comprometidos roban credenciales de nube

Attacco a Red Hat: malware nascosto nei pacchetti npm, a rischio credenziali cloud

Dozens of Red Hat packages backdoored through its offical NPM channel

Red Hat npm packages compromised to steal developer credentials

Infected Red Hat npm packages expose developer credentials

Supply Chain Attack Hits 32 Red Hat NPM Packages

Red-Hat-Infostealer kommt auf mehr als 100.000 Downloads

31 paquetes npm de Red Hat comprometidos roban credenciales de nube

Red Hat npm packages compromised to steal developer credentials

Attacco a Red Hat: malware nascosto nei pacchetti npm, a rischio credenziali cloud

Infected Red Hat npm packages expose developer credentials

Supply Chain Attack Hits 32 Red Hat NPM Packages

Dozens of Red Hat packages backdoored through its offical NPM channel

Timeline cronologica

31 paquetes npm de Red Hat comprometidos roban credenciales de nube

Attacco a Red Hat: malware nascosto nei pacchetti npm, a rischio credenziali cloud

Dozens of Red Hat packages backdoored through its offical NPM channel

Red Hat npm packages compromised to steal developer credentials

Infected Red Hat npm packages expose developer credentials

Supply Chain Attack Hits 32 Red Hat NPM Packages

Red-Hat-Infostealer kommt auf mehr als 100.000 Downloads