Red Hat npm Packages Compromised to Spread a Credential-Stealing Worm
Aikido Security says more than 30 official @redhat-cloud-services npm packages were compromised with a credential-stealing worm called βMiasma,β a variant resembling the open-sourced Mini Shai-Hulud supply-chain malware. βThe packages were published via GitHub Actions OIDC, indicating the CI/CD pipeline was compromised rather than an npm β¦ β Read more