Tech Times

Red Hat npm Packages Compromised, 57 More Follow: Signed Attestations Cannot Block Pipeline Hijack

Miasma compromised 32 Red Hat packages June 1 via a hijacked CI/CD pipeline producing valid SLSA attestations, then hit 57 more June 3 using Phantom Gyp to evade install monitors. Red Hat confirmed no ...
Bleeping Computer

Red Hat npm packages compromised to steal developer credentials

More than 30 npm packages under Red Hat's '@redhat-cloud-services' namespace were compromised in a supply-chain attack that distributed a new variant of the Shai-Hulud credential-stealing malware, ...
The Hacker News

Malicious Sicoob NuGet Steals Banking Credentials as npm Packages Target Cloud Secrets

Malicious Sicoob.Sdk stole PFX certificates and client IDs via NuGet downloads, enabling API impersonation and payment abuse risks.
InfoWorld

Infected Red Hat npm packages expose developer credentials

Researchers have uncovered a new Shai-Hulud malware variant targeting Red Hat-related npm packages, spreading through ...

Red Hat hit by npm supply‑chain attack - here's how to stay safe

Days after IBM and Red Hat announced a master security plan for open-source software, Red Hat suffers a major breach of its ...
TWCN Tech News

Fix Enter network credentials error in Windows 11

Some Windows users are reporting they can’t access other Windows computer on their network because they can’t enter the credentials to connect to another computer ...
Microsoft

Preinstall to persistence: Inside the Red Hat npm Miasma credential-stealing campaign

Microsoft Threat Intelligence identified a large-scale npm supply chain attack affecting 32 maliciously modified packages across more than 90 versions under the @redhat-cloud-services npm scope. The ...