SECURITYRECORDED FUTURE NEWS
Red Hat removes tainted packages after software pipeline compromise
Red Hat has removed 32 tainted packages following a compromise in their software pipeline. The malicious code was distributed through a compromised GitHub account, affecting packages downloaded approximately 117,000 times weekly.
Related Signal
Adjacent reporting
- Shai-Hulud keeps burrowing: 314 npm packages infected after another account compromise
- Hackers Insert Malware Into Mistral AI Software Download
- Axios NPM Package Compromised in Precision Attack
- NPM packages from RedHat have been compromised
- Checkmarx tackles another TeamPCP intrusion as Jenkins plugin sabotaged
- GitHub investigates unauthorized access to internal repositories