Red Hat npm Packages Compromised in Supply Chain Attack

Red Hat cloud services npm packages were compromised in a supply chain attack that used a preinstall script to steal developer and CI secrets.

Several npm packages under Red Hat’s @redhat-cloud-services namespace were compromised in a supply chain attack that injected credential-stealing malware into frontend packages used by Red Hat cloud services projects.

Security firm Aikido disclosed the incident, reporting detection of the compromised packages on June 1, 2026. The attack affected 96 versions across 32 packages, which together accounted for 116,991 weekly downloads.

The malware, identified as Miasma, was embedded through a malicious preinstall script. This allowed the payload to run automatically during npm install, before any application code executes and without any visible warning to developers.

Aikido describes Miasma as a credential-stealing worm similar to Mini Shai-Hulud, a previously observed supply chain malware family. The payload was heavily obfuscated and placed in an index.js file, with package.json files modified to execute it automatically during installation.

The attack targeted a wide range of sensitive credentials typically found in developer and CI/CD environments. Aikido’s analysis shows the malware attempted to collect GitHub Actions tokens, AWS, Google Cloud, and Azure credentials, HashiCorp Vault tokens, Kubernetes service account tokens and kubeconfig files, npm and PyPI publishing tokens, SSH private keys, Docker registry credentials, GPG keys, and .env files.

This compromise is notable because the affected packages were published through GitHub Actions OIDC, not with traditional long-lived npm publishing tokens. Aikido states this suggests a CI/CD pipeline compromise, where attackers abused trusted publishing after gaining access to the workflow path.

Red Hat published a security bulletin, RHSB-2026-006, stating that multiple packages under the @redhat-cloud-services npm namespace were affected. The initial investigation indicates a compromised GitHub account was used to insert malicious code into packages maintained in a Red Hat GitHub organization.

Moreover, Red Hat reports that the affected packages are frontend libraries compiled and bundled into some container images during the product build process. The engineering team removed the compromised versions from npm after disclosure, and Red Hat Product Security is reviewing build systems and dependencies to determine if any product builds included the compromised versions.

Red Hat’s current bulletin states that no customer action is necessary at this time. The investigation is ongoing, and the bulletin will be updated as new information emerges.

Aikido advises developers and firms that installed affected package versions after June 1, 2026, to treat CI secrets, cloud credentials, SSH keys, and npm tokens as compromised and rotate them immediately.

The affected package list includes:

  • @redhat-cloud-services/chrome
  • @redhat-cloud-services/frontend-components
  • @redhat-cloud-services/frontend-components-config
  • @redhat-cloud-services/frontend-components-notifications
  • @redhat-cloud-services/insights-client
  • @redhat-cloud-services/rbac-client
  • @redhat-cloud-services/vulnerabilities-client
  • Others under the @redhat-cloud-services npm namespace.

Importantly, this incident does not affect Red Hat Enterprise Linux. It involves npm packages under Red Hat’s cloud services namespace and their associated development and publishing workflows.

Teams using the affected packages should immediately review dependency trees, lockfiles, CI logs, and build artifacts for compromised versions. Any environment where a malicious package version was installed should be considered potentially exposed, especially if installation occurred in a CI runner, developer workstation, or build system with access to secrets.

Red Hat’s investigation is still ongoing.

Bobby Borisov

Bobby, an editor-in-chief at Linuxiac, is a Linux professional with over 20 years of experience. With a strong focus on Linux and open-source software, he has worked as a Senior Linux System Administrator, Software Developer, and DevOps Engineer for small and large multinational companies.