Developers who pulled packages from Red Hat’s @redhat-cloud-services npm namespace over the weekend got a secret-stealing worm instead.
Security researchers from several cybersecurity outlets are warning of a new supply chain attack compromising over 30 Red Hat Cloud Services-related npm packages to steal credentials, authentication tokens, and other secrets from developer environments.
The campaign, which Wiz researchers are tracking as Miasma, is thought to be the latest evolution of Shai-Hulud, a self-propagating malware family that has repeatedly surfaced in software supply chain attacks targeting the npm ecosystem.
“Investigation revealed that at least 32 package releases contained unau...