Dozens of Red Hat packages backdoored through its official NPM channel
ID: d96a80f7-c45b-5a50-8da9-27604b65cfaa
STIX ID: report--d96a80f7-c45b-5a50-8da9-27604b65cfaa
Feed Name: Ars Technica Security (category)
Threat Score
The report describes an active supply-chain malware campaign centered on a worm called Shai-Hulud, released publicly and used by the threat group TeamPCP to target CI/CD pipelines (notably GitHub Actions OIDC) and harvest CI/CD and cloud credentials; Red Hat removed malicious internal packages after detection, and organizations touching affected packages are advised to assume compromise of workstations, pipelines, and credentials.
Your team is not currently subscribed to this feed. You must subscribe to it in order to see this post.
