Supply Chain Attack Compromises 30+ Red Hat npm Packages, Steals Developer Credentials
What Happened — Attackers hijacked a Red Hat employee’s GitHub account and used a malicious GitHub Actions workflow to publish back‑doored versions of more than 30 npm packages under the @redhat‑cloud‑services namespace. The packages contained a pre‑install script that executed the “Miasma” malware, harvesting cloud API keys, SSH keys, CI/CD tokens, and other developer secrets. Red Hat removed the packages after discovery and reports no impact to customer or production environments.
Why It Matters for TPRM —
- Supply‑chain compromise of a trusted vendor can expose your own development pipelines to credential theft.
- Malicious npm packages can propagate quickly (≈117 k weekly downloads), increasing the attack surface for downstream organizations.
- Lack of visibility into third‑party publishing controls highlights the need for continuous monitoring of open‑source dependencies.
Who Is Affected — Technology SaaS providers, cloud‑hosted development platforms, CI/CD service vendors, and any organization that consumes Red Hat npm packages or similar open‑source tooling.
Recommended Actions —
- Audit all dependencies for
@redhat‑cloud‑servicespackages and replace or remove them immediately. - Enforce strict provenance checks (e.g., sigstore, npm package signing) for all third‑party libraries.
- Rotate any credentials that may have been exposed (GitHub tokens, cloud API keys, SSH keys).
- Review and tighten GitHub account and Actions permissions for your own supply‑chain processes.
Technical Notes — The compromise leveraged a stolen GitHub account to push malicious commits, adding a GitHub Actions workflow that used the id-token: write permission to obtain short‑lived OIDC tokens and publish back‑doored packages via npm’s trusted publishing endpoint. The malicious preinstall script executed a 4.2 MB obfuscated index.js payload that scraped GitHub Actions secrets, AWS, GCP, Azure credentials, HashiCorp Vault tokens, Kubernetes service‑account tokens, npm/PyPI publishing tokens, SSH keys, Docker credentials, GPG keys, and .env files. Source: BleepingComputer