Orca Security

Red Hat npm Packages Compromised in Supply-Chain Attack Spreading Credential-Stealing Worm (opens in new tab)

Covered by 3 sources See all sources covering this story including Help Net Security, thehackernews.com

A critical supply-chain attack has compromised 32 official npm packages under the @redhat-cloud-services scope, injecting a credential-stealing worm that runs automatically during package installation. Due to the severity and self-propagating nature of the malware, immediate investigation and credential rotation are required for any environment that installed the affected versions. The attack, dubbed “Miasma: The Spreading […] The post appeared first on .

Read the original article
Sign in to keep reading the full article.
Sign UpLog In

Covered in 3 articles

Help Net Security·

Red Hat npm packages compromised in new Mini Shai-Hulud malware wave

Feeds
thehackernews.com·

IronWorm and New Miasma Worm Variant Hit npm in Supply Chain Attacks

Feeds
devops.com·

Shai-Hulud Clone ‘Miasma’ Compromises 32 Red Hat npm Packages

Feeds

Keyboard Shortcuts

Navigation

Next / previous post
j/k
Open post
oorEnter
Preview post
v

Post Actions

Love post
a
Like post
l
Dislike post
d
Undo reaction
u
Save / unsave
s

Recommendations

Add interest / feed
Enter
Not interested
x

Go to

Home
gh
Interests
gi
Feeds
gf
Likes
gl
History
gy
Changelog
gc
Settings
gs
Discover
gb
Search
/

General

Show this help
?
Submit feedback
!
Close modal / unfocus
Esc

Press ? anytime to show this help