Massive NPM Supply Chain Breach Hits Red Hat Ecosystem: 32 Packages Weaponized in Seconds to Deploy Credential-Stealing Worm + Video

Listen to this Post

Featured ImageIntroduction: When Trusted Open Source Becomes a Silent Weapon

The open-source ecosystem has always been built on trust, transparency, and shared responsibility. Developers rely heavily on package registries like NPM to accelerate innovation, assuming that widely used packages are safe by default. This incident breaks that assumption in a dramatic way.

A coordinated supply chain attack targeted the Red Hat JavaScript ecosystem on NPM, injecting malicious code into 32 packages that collectively reach nearly 10 million downloads. The speed, precision, and scale of the operation suggest a highly automated compromise of trusted publishing infrastructure, turning a legitimate software supply chain into a silent credential-harvesting machine.

The Attack in Motion: 72 Seconds That Changed a Trusted Ecosystem

The attackers executed one of the fastest known mass package poisoning events in recent supply chain history.

Within just 72 seconds, all 32 packages under the Red Hat Hybrid Cloud Console scope were updated with malicious versions. Security researchers from ReversingLabs believe automation played a key role in this synchronized deployment, allowing the attacker to push poisoned builds almost simultaneously across the ecosystem.

This speed not only minimized detection windows but also ensured widespread exposure before maintainers could react.

How the Breach Happened: CI/CD and Token Abuse

Early investigations from Aikido suggest the attackers may have compromised the CI/CD pipeline, potentially abusing GitHub Actions OpenID Connect (OIDC) workflows.

ReversingLabs further indicates that credentials tied to the @redhat-cloud-services NPM scope were likely exposed or stolen, giving attackers direct publishing capabilities.

By hijacking trusted automation rather than individual developer accounts, the attacker bypassed traditional security barriers and leveraged legitimate infrastructure to distribute malware.

Malicious Payload: Worm Behavior Hidden in Preinstall Scripts

The compromised packages contained a preinstall hook, meaning the malware executed immediately during installation, before the package was even used by developers.

This design ensured silent execution in build environments, CI pipelines, and developer machines without requiring manual triggering.

The payload referenced the string “Miasma: The Spreading Blight,” a known variant linked to the Mini Shai-Hulud worm family. This malware lineage has been associated with previous open-source supply chain attacks targeting developer ecosystems.

A Worm Designed for Maximum Data Harvesting

Security analysis from Socket reveals that the malware was engineered for deep credential extraction.

It actively searched for and stole:

GitHub Actions secrets

NPM authentication tokens

Cloud provider credentials

Kubernetes and Vault secrets

SSH keys and Git credentials

Local configuration and environment files

Once collected, the data was exfiltrated to attacker-controlled infrastructure. In some cases, stolen credentials were also published to newly created public GitHub repositories as a fallback persistence mechanism.

This dual-exfiltration strategy ensured data survival even if primary command-and-control channels were disrupted.

Propagation and Lateral Movement Through GitHub

The malware did not stop at passive theft.

It attempted to use stolen GitHub tokens to enumerate repositories, modify workflows, and inject malicious JavaScript payloads into project files such as index.js.

This behavior indicates a worm-like propagation model, where infected environments become new distribution nodes.

Ox Security reports that at least 210 repositories showed evidence of credential leakage, suggesting that the real infection scale may extend far beyond initial estimates.

Origins and Evolution of the Threat Actor

Evidence suggests the attacker had previously infected a repository on May 29, likely as a controlled test of capability.

The malware also appears to be connected to the Mini Shai-Hulud ecosystem, which was reportedly open-sourced by its creators in a controversial move that encouraged reuse in supply chain attacks.

This represents a disturbing evolution: attack frameworks are now being openly shared, lowering the barrier for less sophisticated threat actors.

Response From Red Hat and NPM Ecosystem Cleanup

Following discovery, maintainers published clean versions of all affected packages and removed malicious builds from the registry.

Developers are strongly urged to:

Immediately update to safe package versions

Rotate all credentials and API keys

Revoke compromised tokens

Audit CI/CD pipelines for unauthorized modifications

Review transitive dependencies for indirect exposure

Monitor outbound network traffic for anomalies

Given the nature of the attack, compromise should be assumed even if no direct symptoms are visible.

What Undercode Say:

This attack confirms that CI/CD pipelines are now primary targets rather than secondary infrastructure

Speed of 72 seconds suggests fully automated compromise and deployment tooling

Supply chain security is shifting from prevention to detection and response models

Open-source trust assumptions are structurally weakening under modern threat models

Token-based authentication remains one of the weakest links in cloud-native systems

GitHub Actions OIDC misuse shows identity federation abuse is rising

Attackers are increasingly weaponizing legitimate developer workflows

Preinstall scripts remain one of the most dangerous execution vectors in package managers

10 million downloads indicates massive blast radius before detection

Security scanning tools often fail to detect behavioral payloads in install hooks

Malware reuse across ecosystems shows modular attack economy growth

Public release of malware source code accelerates attack democratization

Credential harvesting now targets entire developer ecosystems, not just endpoints

Git-based exfiltration ensures persistence even if infrastructure is taken down

Supply chain attacks are evolving into self-propagating worms

Repository-level compromise allows silent lateral movement in enterprises

Cloud credentials remain high-value targets for monetization

Kubernetes secrets exposure increases risk of infrastructure takeover

SSH key theft enables long-term stealth access

Build systems must now be treated as production-critical attack surfaces

Dependency trust chains are becoming attack graphs

Open-source maintainers face increasing pressure and burnout risk

Attackers prefer ecosystem-scale compromise over single-target attacks

Detection delays amplify impact more than sophistication alone

GitHub token abuse enables full lifecycle compromise of projects

Malware persistence strategies now include public repository planting

Supply chain defense requires behavioral runtime analysis

Static scanning is insufficient against install-time payloads

Developer machines are now primary compromise endpoints

CI runners are high-value ephemeral attack targets

Automation increases attacker scalability dramatically

Credential rotation policies are still inconsistently enforced

Transitive dependencies are blind spots in enterprise security

Attack attribution is increasingly difficult in open ecosystems

Modular malware frameworks enable rapid attack replication

Open-source ecosystems require cryptographic signing enforcement

Package registries are becoming strategic cyber warfare targets

Security telemetry must extend into install lifecycle

Multi-layer exfiltration ensures attacker resilience

This incident signals a shift toward self-spreading supply chain worms

❌ The exact identity of the attacker remains unconfirmed; attribution is still under investigation
✅ Reports confirm 32 packages were modified and later cleaned from the registry
❌ The total number of infected systems is estimated, not precisely verified

The technical indicators of compromise are consistent across multiple security vendors, but the full scope of downstream infections is still being measured.

Prediction:

(+1) Supply chain attacks will increasingly shift toward fully automated CI/CD exploitation models, reducing human intervention to near zero
(+1) Package registries like NPM will adopt stronger signing, verification, and runtime behavioral detection systems under industry pressure
(-1) Short-term risk will remain elevated as transitive dependencies and legacy pipelines continue to expose developers to invisible compromise pathways

Deep Analysis:

Inspect installed NPM packages for suspicious lifecycle scripts
npm ls --all

Audit dependency vulnerabilities

npm audit --production

Check for unexpected preinstall or postinstall hooks

cat node_modules//package.json | grep -E "preinstall|postinstall"

Detect unexpected outbound connections from build systems

netstat -tulnp

Review GitHub Actions workflows for token misuse

find .github/workflows -type f -name ".yml"

Rotate NPM authentication tokens

npm token revoke

Reinstall clean dependency tree

rm -rf node_modules package-lock.json && npm install

Scan CI/CD logs for credential exposure

grep -Ri "secret|token|key" /var/log/

Verify package integrity hashes

npm install --ignore-scripts

▶️ Related Video (72% Match):

🕵️‍📝Let’s dive deep and fact‑check.

🎓 Live Courses & Certifications:

Join Undercode Academy for Verified Certifications

🚀 Request a Custom Project:

Secure, high-velocity infrastructure and disruptive technological engineering. Contact our engineering team for high-tier development and proprietary systems:
[email protected]
💎 Smart Architecture | 🛡️ Secure by Design | ⭐ Trusted by Thousands

References:

Reported By: www.securityweek.com
Extra Source Hub (Possible Sources for article):
https://www.discord.com
Wikipedia
OpenAi & Undercode AI

Image Source:

Unsplash
Undercode AI DI v2

🔐JOIN OUR CYBER WORLD [ CVE News • HackMonitor • UndercodeNews ]

💬 Whatsapp | 💬 Telegram

📢 Follow UndercodeNews & Stay Tuned:

𝕏 formerly Twitter 🐦 | @ Threads | 🔗 Linkedin | 🦋BlueSky | 🐘Mastodon | 📺Youtube