Red Hat has confirmed a supply chain compromise affecting multiple packages published under the @redhat-cloud-services npm namespace, disclosed publicly on June 1, 2026. The incident involves unauthorized code injection into frontend libraries maintained within a Red Hat GitHub organization, raising serious concerns about downstream product integrity. Preliminary forensic analysis points to a compromised GitHub account as the entry point. […]
The post Red Hat Confirms Supply Chain Breach of npm Packages appeared first on Cyber Security News.