Dozens of Red Hat packages backdoored through its official NPM channel
Summary
Ars Technica reports a supply-chain attack in which Red Hat’s official NPM channel was compromised, allowing a worm to backdoor dozens of packages. The malware, dubbed Shai-Hulud, targeted CI/CD credentials and other secrets, spreading via republished packages and aiming to access cloud services and repositories. Red Hat has removed the malicious packages, and researchers warn that such attacks underscore the risk of trusted open-source channels and the need for strengthened CI/CD and credential safeguards.