Key facts
- Official Red Hat NPM accounts were compromised.
- A malicious worm was distributed through these accounts.
- The worm spreads between machines and steals sensitive credentials.
- The attack targeted the @redhat-cloud-services namespace.
- Over 30 packages appear to be affected.
Supply-chain attacks, where threat actors compromise legitimate software channels to distribute malware, pose a significant risk to the software development ecosystem. By exploiting the trust developers place in official repositories like npm, attackers can gain widespread access to systems and sensitive data. This incident highlights the ongoing challenges in securing the software supply chain.