Slow Fog: Red Hat cloud service npm package suffers from active supply chain attacks, with stolen credentials found in over 300 GitHub repositories
SlowMist has issued a security alert, detecting an active npm supply chain attack targeting @redhat-cloud-services related packages. Currently, over 31 packages have been confirmed affected, with a weekly download volume of approximately 116,000 times, and stolen credentials exist in more than 300 GitHub repositories. This attack method is highly similar to the previous "Shai-Hulud" npm attack, including credential theft, creation of malicious repositories, and automated secret leakage. New suspicious repositories continue to emerge, indicating that the attack is still ongoing, and developers are still being continuously infected.
Potential harms include: theft of GitHub/npm tokens, leakage of AWS/GCP/Azure cloud credentials, collection of SSH keys and Kubernetes secrets, leakage of local environment and wallet data, creation of malicious repositories and persistence operations, and even potentially destructive actions after tokens are revoked. It is recommended to immediately remove or downgrade affected @redhat-cloud-services package versions, conduct a comprehensive audit of CI/CD workflows and dependency installations, rotate all GitHub, npm, cloud service, SSH, and wallet-related keys, retain logs, and rebuild exposed developer machines or Runners from clean images while maintaining a high level of vigilance.
You may also like
Morning Report | Coinbase Ventures makes its first investment in ENA; SpaceX plans to set the IPO price at $135 per share
Full text and analysis of the speech by the CEO of SanDisk at the 42nd Annual Strategic Decision Conference of Bernstein
Bitcoin Price Prediction 2030: Ark Invest Forecasts $710K
WEEX Review 2026: Fees, Security and Trading Features
SOL Price Today: Live Solana Price, Charts & Market Data
What Is a Bitcoin ETF: Spot vs Futures Explained
Why Is Bitcoin Dropping 15% While Nasdaq Hits Record Highs?
Morning Report | Robinhood completes acquisition of WonderFi for $180 million; Anthropic submits IPO draft application to SEC confidentially; Google plans to raise $80 billion in financing
WSJ: Hyperliquid is becoming Wall Street's crypto "convenience store"
Why do I still have confidence in ETH?
CRCL surges and plummets, COIN follows with a dive: The real battle for interests behind the CLARITY Act
Tokenized US stocks are not the "liquidity killer" of the crypto market
What Is TradFi and Why Is Everyone Talking About It in 2026?
From Poland to Paris: A Look Back at WEEX's Global Community Journey in May 2026
WEEX WXT Eco Carnival: How to Join WXT Events and Plan Trading Tasks
The WEEX WXT Eco Carnival is an ecosystem campaign built around WEEX Token (WXT), designed for users interested in platform tokens, spot trading, futures trading, deposit tasks, and referral rewards.
Morning Report | Strategy sold 32 BTC and over 800,000 shares of MSTR last week; Binance officially announced its U.S. stock trading portal; Polymarket reached an exclusive partnership with OneFootball
Zhou Hang: How much is SpaceX really worth?
IOSG: From Coinbase to Upbit: How a Token Completes a 28-Day Journey of Taking Over
Morning Report | Coinbase Ventures makes its first investment in ENA; SpaceX plans to set the IPO price at $135 per share
Full text and analysis of the speech by the CEO of SanDisk at the 42nd Annual Strategic Decision Conference of Bernstein
Bitcoin Price Prediction 2030: Ark Invest Forecasts $710K
WEEX Review 2026: Fees, Security and Trading Features
SOL Price Today: Live Solana Price, Charts & Market Data
What Is a Bitcoin ETF: Spot vs Futures Explained
Popular coins
Latest Crypto News
