National Cyber Warfare Foundation (NCWF)

National Cyber Warfare Foundation (NCWF)

Researchers find several packages in the @redhat-cloud-services npm namespace shipped malware targeting credentials for GitHub Actions, AWS, GCP, and

0 user ratings

2026-06-01 18:32:04
milo
Blue Team (CND)

Rohan Prabhu / Step Security Blog:

Researchers find several packages in the @redhat-cloud-services npm namespace shipped malware targeting credentials for GitHub Actions, AWS, GCP, and others — Several packages in the @redhat-cloud-services npm scope were found to carry malicious payloads that fire via a preinstall hook on every npm install.

Rohan Prabhu / Step Security Blog:

Researchers find several packages in the @redhat-cloud-services npm namespace shipped malware targeting credentials for GitHub Actions, AWS, GCP, and others — Several packages in the @redhat-cloud-services npm scope were found to carry malicious payloads that fire via a preinstall hook on every npm install.

Source: TechMeme
Source Link: https://www.techmeme.com/260601/p51#a260601p51

Comments	new comment
Nobody has commented yet. Will you be the first?

Forum

Blue Team (CND)

Copyright 2012 through 2026 - National Cyber Warfare Foundation - All rights reserved worldwide.