Dozens of Red Hat packages backdoored through its official NPM channel

Official Red Hat NPM accounts have been compromised and used to push a malicious worm that spreads from machine to machine, ...
Microsoft

Preinstall to persistence: Inside the Red Hat npm Miasma credential-stealing campaign

Microsoft Threat Intelligence identified a large-scale npm supply chain attack affecting 32 maliciously modified packages across more than 90 versions under the @redhat-cloud-services npm scope. The ...