News Score: Score the News, Sort the News, Rewrite the Headlines

Multiple redhat-cloud-services npm Packages compromised - StepSecurity

On June 1, 2026, StepSecurity found that several packages in the @redhat-cloud-services npm scope were shipping malware that runs automatically on every npm install, before any application code executes. The payload is a multi-stage credential harvester that sweeps GitHub Actions secrets along with AWS, GCP, Azure, Kubernetes, HashiCorp Vault, npm, and CircleCI tokens, and it is purpose-built to evade detection, including an explicit attempt to bypass StepSecurity Harden-Runner. StepSecurity anal...

Read more at stepsecurity.io
