Red Hat’s npm Namespace Hijacked in Supply Chain Attack Targeting Cloud Credentials
On June 1, an attacker hijacked Red Hat’s official npm namespace (@redhat-cloud-services) to distribute backdoored versions of 32 widely used packages, compromising a trusted software supply chain. The malicious releases, published within a 72-second window, affected components of Red Hat’s Hybrid Cloud Console ecosystem, including UI tools, API clients, and build utilities, with a combined total of nearly 10 million downloads.
Unlike typical typosquatting attacks, the threat actor took control of a legitimate namespace, replacing authentic packages with versions containing hidden malware. The payload, a variant of the Mini Shai-Hulud worm (tracked as Miasma by Aikido Security), executed via obfuscated preinstall scripts, meaning exposure occurred simply by installing or building the package, regardless of whether it was ever used in production.
The malware targeted sensitive credentials, including cloud provider keys, CI/CD tokens, and npm authentication details, while also attempting to propagate by republishing backdoored versions of other accessible packages using stolen publishing tokens.
Notably, the attack exploited GitHub Actions OIDC tokens, suggesting the compromise originated in the build pipeline rather than a developer’s personal account. This method subverted "trusted publishing," a security feature designed to replace long-lived npm tokens with short-lived, build-issued credentials. The incident highlights how pipeline breaches can undermine even hardened security controls.
By the time researchers analyzed the activity, Red Hat had released clean versions of all affected packages, and the malicious releases were removed from npm. However, any project that installed the compromised versions or ran an install before their removal remains at risk, as the payload executes during installation. Organizations affected were advised to treat systems as potentially compromised and rotate exposed credentials.
Source: https://www.infosecurity-magazine.com/news/red-hat-npm-scope-backdoored/
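As an added defensive check (not from the article, and not Red Hat's or Aikido's code), the following Python script reads an npm lockfile (v2/v3, where npm records hasInstallScript for packages with install-time scripts) and flags packages in the hijacked scope that would run code at install time, which is exactly the exposure path described above; the sample lockfile, package names and versions are constructed placeholders, not the real affected releases.

```python
import json

SCOPE = "@redhat-cloud-services"            # namespace named in the article
LIFECYCLE = ("preinstall", "install", "postinstall")


def flag_install_scripts(lockfile_text, scope=SCOPE):
    """Return (name, version) of packages under `scope` whose lockfile entry
    declares install-time scripts (npm lockfile v2/v3 `hasInstallScript`)."""
    lock = json.loads(lockfile_text)
    flagged = []
    for path, entry in lock.get("packages", {}).items():
        # Keys are node_modules paths; the root project is the empty key.
        name = path.rsplit("node_modules/", 1)[-1] if path else ""
        if name.startswith(scope + "/") and entry.get("hasInstallScript"):
            flagged.append((name, entry.get("version")))
    return flagged


def lifecycle_scripts(package_json_text):
    """Return the lifecycle scripts an installed package.json would run on
    install (for auditing node_modules directly instead of the lockfile)."""
    scripts = json.loads(package_json_text).get("scripts", {})
    return {k: v for k, v in scripts.items() if k in LIFECYCLE}


# Constructed sample lockfile: placeholder package names and versions,
# not the real backdoored releases.
SAMPLE_LOCK = json.dumps({
    "name": "example-app",
    "lockfileVersion": 3,
    "packages": {
        "": {"name": "example-app"},
        "node_modules/@redhat-cloud-services/placeholder-ui":
            {"version": "9.9.9", "hasInstallScript": True},
        "node_modules/@redhat-cloud-services/placeholder-client":
            {"version": "1.2.3"},
        "node_modules/unrelated-lib":
            {"version": "0.1.0", "hasInstallScript": True},
    },
})

if __name__ == "__main__":
    # Run this before `npm ci`; pair it with `--ignore-scripts` so a hit
    # can be reviewed before any install-time code executes.
    for name, version in flag_install_scripts(SAMPLE_LOCK):
        print(f"install script in scoped package: {name}@{version}")
```

The lockfile flag only says that a package declares install scripts, not that they are malicious; treat a hit on a package that previously had none as the signal to diff the published tarball against the upstream repository.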
TPRM report on organizations using Red Hat’s compromised npm packages: https://www.rankiteo.com/company/aikido-security
{
  "id": "aik1780403445",
  "linkid": "aikido-security",
  "type": "Cyber Attack",
  "date": "6/2026",
  "severity": "85",
  "impact": "4",
  "explanation": "Attack with significant impact with customers data leaks"
}
{
  "affected_entities": [
    {
      "customers_affected": "Organizations using the compromised npm packages",
      "industry": "Technology, Cloud Services",
      "name": "Red Hat",
      "type": "Company"
    }
  ],
  "attack_vector": "Namespace hijacking, malicious package distribution",
  "customer_advisories": "Projects installing compromised packages urged to rotate credentials and verify systems.",
  "data_breach": {
    "sensitivity_of_data": "High",
    "type_of_data_compromised": "Credentials (cloud provider keys, CI/CD tokens, npm tokens)"
  },
  "date_detected": "2024-06-01",
  "description": "On June 1, an attacker hijacked Red Hat’s official npm namespace (@redhat-cloud-services) to distribute backdoored versions of 32 widely used packages, compromising a trusted software supply chain. The malicious releases published within a 72-second window impacted components of Red Hat’s Hybrid Cloud Console ecosystem, including UI tools, API clients, and build utilities, with a combined total of nearly 10 million downloads. The malware targeted sensitive credentials, including cloud provider keys, CI/CD tokens, and npm authentication details, while also attempting to propagate by republishing backdoored versions of other accessible packages using stolen publishing tokens.",
  "impact": {
    "brand_reputation_impact": "High (trusted namespace compromise)",
    "data_compromised": "Cloud provider keys, CI/CD tokens, npm authentication details",
    "operational_impact": "Potential credential exposure, risk of further compromise",
    "systems_affected": "Projects installing or building the compromised npm packages"
  },
  "initial_access_broker": {
    "backdoors_established": "32 backdoored npm packages",
    "entry_point": "GitHub Actions OIDC tokens",
    "high_value_targets": "Cloud credentials, CI/CD tokens, npm publishing tokens"
  },
  "investigation_status": "Ongoing (malicious packages removed, clean versions released)",
  "lessons_learned": "Pipeline breaches can undermine trusted publishing controls; preinstall scripts pose significant risks in supply chain attacks.",
  "motivation": "Credential theft, lateral movement",
  "post_incident_analysis": {
    "corrective_actions": "Credential rotation, pipeline security audits, enhanced monitoring for package modifications",
    "root_causes": "Exploitation of GitHub Actions OIDC tokens, subversion of trusted publishing"
  },
  "recommendations": "Rotate exposed credentials, audit build pipelines for OIDC token security, monitor for unauthorized package modifications.",
  "references": [
    {"source": "Aikido Security"}
  ],
  "response": {
    "communication_strategy": "Advisories to affected organizations",
    "containment_measures": "Malicious packages removed from npm, clean versions released",
    "remediation_measures": "Credential rotation for exposed systems",
    "third_party_assistance": "Aikido Security (research)"
  },
  "stakeholder_advisories": "Organizations advised to treat systems as potentially compromised and rotate credentials.",
  "title": "Red Hat’s npm Namespace Hijacked in Supply Chain Attack Targeting Cloud Credentials",
  "type": "Supply Chain Attack",
  "vulnerability_exploited": "GitHub Actions OIDC tokens, trusted publishing subversion"
}