National Cyber Warfare Foundation (NCWF)

National Cyber Warfare Foundation (NCWF)

Researchers find packages in the @redhat-cloud-services npm namespace shipped malware that harvests credentials for GitHub Actions, AWS, GCP, Azure, a

0 user ratings

2026-06-01 19:46:04
milo
Blue Team (CND)

Rohan Prabhu / Step Security Blog:

Researchers find packages in the @redhat-cloud-services npm namespace shipped malware that harvests credentials for GitHub Actions, AWS, GCP, Azure, and others — Several packages in the @redhat-cloud-services npm scope were found to carry malicious payloads that fire via a preinstall hook on every npm install.

Rohan Prabhu / Step Security Blog:

Researchers find packages in the @redhat-cloud-services npm namespace shipped malware that harvests credentials for GitHub Actions, AWS, GCP, Azure, and others — Several packages in the @redhat-cloud-services npm scope were found to carry malicious payloads that fire via a preinstall hook on every npm install.

Source: TechMeme
Source Link: https://www.techmeme.com/260601/p51#a260601p51

Comments	new comment
Nobody has commented yet. Will you be the first?

Forum

Blue Team (CND)

Copyright 2012 through 2026 - National Cyber Warfare Foundation - All rights reserved worldwide.