SecurityThe Register4 days ago

Red Hat npm packages infected with Shai-Hulud worm

3 min read

Mini Shai-Hulud worm infiltrated 32 Red Hat Cloud Services npm packages. The malware spread via compromised GitHub account of a Red Hat employee. Affected packages are downloaded 80,000 times weekly. Security researchers from Wiz traced the attack to orphan commits in two RedHatInsights repositories. The breach bypassed code review by pushing malicious commits to public repositories.

Level

Hype check

Tap to vote and see what everyone thinks.

#redhat #npm #shai-hulud

Read full story

More to chew on!

AIabout 11 hours ago

New IronWorm Malware Hits 36 Packages In npm Supply-Chain Attack

Security4 days ago

Red Hat npm packages compromised to steal developer credentials