HomeCloud & InfrastructureArticle
Cloud · Slashdot.org

Red Hat npm Packages Compromised to Spread a Credential-Stealing Worm

By BeauHDJune 1, 2026 · 1 min read

Aikido Security says more than 30 official @redhat-cloud-services npm packages were compromised with a credential-stealing worm called "Miasma," a variant resembling the open-sourced Mini Shai-Hulud supply-chain malware. "The packages were published via GitHu…

Each compromised package declares a preinstall script in its package.json that executes node index.js automatically on every npm install, before any application code runs and before the developer has…

Cloud & Infrastructure
Cloud · Slashdot.org
The Sovereign Post
■ More from Cloud & Infrastructure
Cloud · Pypi.org
tccli 3.1.103.1
Universal Command Line Environment for Tencent Cloud
tencentcloudapi@tencent.com · June 1, 2026
Cloud · Pypi.org
py-solar-assistant added to PyPI
Python client for SolarAssistant — cloud API and real-time WebSocket
Pypi.org · June 1, 2026
Cloud · Pypi.org
perla 0.1.59
Pre-push risk check + cloud-connected CLI for LocAgent. Maps your local diff to its dependency blast radius and checks it against your team's incident memory.
Pypi.org · June 1, 2026
Cloud · 4sysops.com
Microsoft Defender for Endpoint device isolation: automatic attack disruption
Microsoft Defender for Endpoint now includes a preview feature that can automatically isolate compromised devices during an active attack. The feature is part of automatic attack disruption, which means Microsoft Defender XDR correlates signals from endpoints…
IT Experts · June 1, 2026