Red Hat npm packages compromised in new Mini Shai-Hulud malware wave (opens in new tab)

Unknown attackers have compromised 30+ Red Hat Cloud Services npm packages with malware that goes after credentials stored in developers’ build environment. What the malware stole and how it can spread further The compromised packages were published in two different GitHub source repositories on June 1, 2026, between 10:53 and 10:53:33 UTC and 13:44 and 13:46:47 UTC. According to Wiz Security, a specific Red Hat employee GitHub account was compromised and “pushed malicious orphan commits … Mo...