Scoopfeeds — Intelligent news, curated.
Dozens of Red Hat packages backdoored through its official NPM channel
computer-science

Dozens of Red Hat packages backdoored through its official NPM channel

Ars Technica · Jun 1, 2026, 7:49 PM

Official Red Hat NPM accounts have been compromised and used to push a malicious worm that spreads from machine to machine, where it pilfers sensitive credentials in hopes of stealing yet more confidential data, researchers said. The supply-chain attack began Monday and remained active at the time this post went live, according to researchers at security firm Aikido. It’s the result of the threat actor responsible for the hack taking control of @redhat-cloud-services, a legitimate channel in the npm repository that’s reserved for official Red Hat packages. As such, the channel is widely trusted by developers who rely on Red Hat cloud services. The vicious cycle of today’s supply-chain attacks It’s unclear precisely how the threat actor took control of the namespace, but it almost certainly involved the compromise of credentials required to access it, possibly through a previous supply-chain attack. More than 30 packages seem to be affected.Read full article Comments

Article preview — originally published by Ars Technica. Full story at the source.
Read full story on Ars Technica → More top stories

More in computer-science

TechCrunch
Defense tech darling Mach Industries hits $1.8B valuation, a 4x jump in a year
Ars Technica
Why cats prefer silver vine to catnip and other May highlights
Ars Technica
Moderna gets $50 million to develop mRNA Ebola vaccine against Bundibugyo
Hacker News
Alphabet Announces $80B Equity Capital Raise to Expand AI Infra and Compute
Ars Technica
Hackers duped Meta AI support chatbot to steal celebrity Instagram accounts
Aggregated and edited by the Scoop newsroom. We surface news from Ars Technica alongside other reporting so you can compare coverage in one place. Editorial policy · Corrections · About Scoop