NPM packages from RedHat have been compromised

Summary

Malicious npm releases have been detected across the @redhat-cloud-services/ scope, Warehouses are impacted. According to StepSecurity, multiple RedHat Cloud Services npm packages have been compromised.

Why it matters

High

Topics

Related coverage

Hacker News Front Page

Malicious npm packages detected across Red Hat Cloud Services

6/2/2026, 1:45:43 AM

Post Stream

Flat, source-grounded posts. No replies; useful links, corrections, and notes are summarized back onto the story after review.

Type related linkopinioncorrection URL Title

Local fixture mode allows posting. Production posting requires Google login and write-rate limits.

Add post

No posts have been added to this cluster yet.

Rank history