Red Hat's npm Packages Compromised in Credential-Stealing Supply Chain Attack
Key Takeaways
- 96 versions across 32 packages in the @redhat-cloud-services npm namespace were compromised with credential-stealing malware executed via preinstall hooks
- The worm variant (Miasma) exhibited self-propagating behavior, allowing compromised systems to republish other packages with the same payload, enabling rapid contamination of 30+ packages in minutes
- Initial attack vector was a compromised GitHub account with access to Red Hat's build pipeline; malicious code was injected without corresponding public source code changes
Summary
Red Hat fell victim to a sophisticated npm supply chain attack that compromised 96 versions across 32 packages in its @redhat-cloud-services namespace. Attackers used a compromised GitHub account to inject malicious code via npm preinstall hooks, which executed automatically whenever developers or build systems installed the affected packages. The attack targeted credential theft from npm, GitHub, AWS, SSH, and other environments; the affected packages are together downloaded 116,991 times per week.
The malware, identified as a new variant of the Mini Shai-Hulud worm dubbed Miasma, demonstrated sophisticated "wormable" behavior—each compromised system could identify and republish other packages with the same malicious payload, enabling the attack to spread rapidly across multiple packages within minutes. Security research firms traced the initial access to compromised GitHub infrastructure, with attackers leveraging GitHub Actions OpenID Connect (OIDC) tokens associated with the RedHatInsights/javascript-clients repository to inject preinstall hooks without corresponding changes to public source repositories.
Red Hat has since removed the affected packages. The incident underscores a critical vulnerability in the open-source software supply chain, particularly for build pipeline infrastructure, and raises questions about credential management and access controls even at major organizations. The timing coincides with Red Hat and IBM's recent announcement of Project Lightwell, a $5 billion AI-powered initiative to find and fix open-source vulnerabilities.
- The malware targeted extraction of GitHub tokens/SSH keys, AWS/GCP/Azure credentials, and Kubernetes configurations from developer machines and CI/CD systems
- Red Hat removed all affected packages; developers should audit their dependencies and secrets if they installed from the @redhat-cloud-services namespace
Editorial Opinion
This incident reveals a dangerous blind spot in open-source security: even well-resourced organizations can have their build pipelines weaponized at scale. The "wormable" nature of the Miasma variant—where each victim automatically becomes a vector for further attacks—demonstrates why supply chain security must extend beyond code review to encompass access controls, GitHub credential hygiene, and build system isolation. Red Hat and IBM's recent $5 billion commitment to open-source security through Project Lightwell is commendable, but this attack shows that proactive vulnerability discovery means little without defensive hardening of development infrastructure itself.