Techly NewsGet the app

Get the latest tech news

Red Hat npm Packages Compromised to Spread a Credential-Stealing Worm


Aikido Security says more than 30 official @redhat-cloud-services npm packages were compromised with a credential-stealing worm called "Miasma," a variant resembling the open-sourced Mini Shai-Hulud supply-chain malware. "The packages were published via GitHub Actions OIDC, indicating the CI/CD pipe...

None

Get the Android app

Or read this on Slashdot

Read more on:

Photo of credential

credential

Photo of red hat npm packages

red hat npm packages

Photo of red hat npm

red hat npm

Related news:

News photo

Laravel Lang packages hijacked to deploy credential-stealing malware

News photo

Claude Code, Copilot and Codex all got hacked. Every attacker went for the credential, not the model.

News photo

Credential-stealing crew spoofs VPN clients from Cisco, Fortinet, and others

« BYD is assuming financial liability if you crash while using its self-driving tech
Hackers Simply Asked Meta AI to Give Them Access to High-Profile Instagram Accounts. It Worked »