Dozens of Red Hat packages backdoored through its official NPM channel

Ars Technica News

Summary

Dozens of Red Hat packages were backdoored through the company's official @redhat-cloud-services npm scope with the Shai-Hulud worm. The malicious versions were published through GitHub Actions OIDC, indicating that Red Hat's CI/CD pipeline, not just an npm password, was compromised. Red Hat has removed the packages and states they were internal-only, with no customer, partner, or production impact identified so far, but the attack underscores escalating supply-chain risk.

Official Red Hat NPM accounts have been compromised and used to push a malicious worm that spreads from machine to machine, where it pilfers sensitive credentials in hopes of stealing yet more confidential data, researchers said.

The supply-chain attack [began Monday](https://www.aikido.dev/blog/red-hat-npm-packages-compromised-credential-stealing-worm) and remained active at the time this post went live, according to researchers at security firm Aikido. It's the result of the threat actor responsible for the hack taking control of @redhat-cloud-services, a legitimate scope (namespace) in the npm registry that's reserved for official Red Hat packages. As such, the scope is widely trusted by developers who rely on Red Hat cloud services.

## The vicious cycle of today's supply-chain attacks

It's unclear precisely how the threat actor took control of the namespace, but it almost certainly involved the compromise of credentials required to access it, possibly through a previous supply-chain attack. More than 30 packages seem to be affected.
Cached at: 06/01/26, 10:45 PM

# Dozens of Red Hat packages backdoored through its official NPM channel

Source: [https://arstechnica.com/security/2026/06/dozens-of-red-hat-packages-backdoored-through-its-offical-npm-channel/](https://arstechnica.com/security/2026/06/dozens-of-red-hat-packages-backdoored-through-its-offical-npm-channel/)

The worm, dubbed Shai-Hulud, has all the hallmarks of malware [released](https://socket.dev/blog/teampcp-supply-chain-attack-contest) last month as freely available open source. TeamPCP was the first group to use Shai-Hulud, and it promoted a competition that promised a $1,000 payment to the hacker who carried out the biggest supply-chain attack using the malware. TeamPCP has also been behind a [rash](https://arstechnica.com/security/2026/03/self-propagating-malware-poisons-open-source-software-and-wipes-iran-based-machines/) of [previous](https://arstechnica.com/information-technology/2026/04/why-a-recent-supply-chain-attack-singled-out-security-firms-checkmarx-and-bitwarden/) [supply-chain](https://arstechnica.com/security/2026/03/widely-used-trivy-scanner-compromised-in-ongoing-supply-chain-attack/) [attacks](https://arstechnica.com/civis/threads/a-hacker-group-is-poisoning-open-source-code-at-an-unprecedented-scale.1513165/). Now that the worm is in the hands of many other threat groups, supply-chain attacks may ramp up further.

The malware devotes considerable attention to [CI/CD](https://about.gitlab.com/topics/ci-cd/) (continuous integration/continuous delivery) systems, which automate the building, testing, and deploying of code changes so that releases are faster and more reliable. The malicious versions in Monday's attack were published through GitHub Actions OIDC (OpenID Connect), indicating that Red Hat's CI/CD pipeline was compromised. In this setting, OIDC lets a CI job prove its identity to the registry and receive a short-lived token in place of a stored, long-lived publishing secret. That removes the secret, not the trust placed in the pipeline: any code that runs inside the publishing job, including a compromised dependency or build step, can request the same token and publish under the same identity. Once installed, the malware targets other organizations' CI/CD credentials.

The compromise of Red Hat's GitHub Actions OIDC was very possibly the result of a previous supply-chain attack that infected an employee's machine. In an email sent after this post went live, Red Hat said it has removed the malicious packages. "The packages are strictly limited to internal development, and the malicious code was never published for customer consumption via the console.redhat.com system," the email said. "While our investigation is ongoing, we have not identified any impact to customer or partner environments or Red Hat production systems."

Given the success of other recent supply-chain attacks, anyone who touched one of the affected packages in the past 36 hours should assume compromise of their workstations, CI/CD pipelines, and all credentials for cloud services and repositories. Treating those credentials as compromised means rotating them, not merely confirming that the package has been removed. Employees should drop whatever they're doing at the moment and investigate thoroughly. In a [recent supply-chain attack](https://arstechnica.com/information-technology/2026/04/why-a-recent-supply-chain-attack-singled-out-security-firms-checkmarx-and-bitwarden/) that hit Checkmarx, the security firm failed to fully drive out the party responsible. Checkmarx was then hit two more times. The Checkmarx credentials used in the first attack came from a supply-chain attack on the Trivy software developer. The pivot to Checkmarx and its failure to fully remediate the initial breach demonstrate the difficulty of completely recovering from such security lapses and the risks that result.

Both [Socket](https://socket.dev/blog/mini-shai-hulud-campaign-hits-red-hat-cloud-services-npm-packages) and [Aikido](https://www.aikido.dev/blog/red-hat-npm-packages-compromised-credential-stealing-worm) have lists of affected Red Hat packages and other indicators of compromise that any potentially affected person or organization should make use of promptly.

*Story updated to add Red Hat comment.*

Similar Articles

Mini Shai-Hulud Strikes Again: 314 npm Packages Compromised

Hacker News Top

The npm account 'atool' was compromised, leading to the publication of 637 malicious versions across 317 packages. The payload harvests credentials, establishes persistence via AI coding tools and system services, and exfiltrates data through GitHub.

NPM packages from RedHat have been compromised

Hacker News Top

A README for the RedHatInsights/javascript-clients monorepo, which auto-generates JavaScript API clients from Swagger/OpenAPI specs, using Nx for monorepo management and GitHub Actions for CI/CD and npm publishing.