Red Hat Confirms Supply Chain Compromise of @redhat-cloud-services npm Packages

In Cybersecurity News - Original News Source is cybersecuritynews.com by Blog Writer


Red Hat has officially confirmed a supply chain compromise affecting multiple packages published under the @redhat-cloud-services npm namespace, disclosed publicly on June 1, 2026.

A compromised GitHub account was used to inject malicious code into frontend libraries maintained within a Red Hat GitHub organization, raising significant concern across enterprise environments that depend on these packages during container image builds.

According to Red Hat’s security bulletin RHSB-2026-006, unauthorized commits were pushed to repositories within the RedHatInsights GitHub organization using a compromised developer account.

The affected packages are frontend libraries that get compiled and bundled into container images during the Red Hat product build process, making the attack vector particularly dangerous due to its deep integration into downstream build pipelines. Red Hat engineering acted swiftly by removing the compromised versions from npm following the initial disclosure.

Threat intelligence from OX Security reveals that the malware behind this supply chain compromise is the sophisticated Shai-Hulud infostealer, a campaign far more advanced than typical npm malware.

While conventional npm malware operates with one to three execution stages, Shai-Hulud deploys a six-stage payload delivery chain that loops back on itself in an endless execution cycle.

Attack Chain (Source: OX Research)

The attack begins with an obfuscated index.js payload that proceeds through decryption and decoding stages and ultimately drops 15 distinct payloads including memory dump tools, token monitors, Claude API hooks, and a GitHub-based payload dropper.

GitHub Used as an Adaptive C2 Server

One of the most alarming aspects of Shai-Hulud is its abuse of GitHub as a live Command-and-Control (C2) infrastructure. Rather than merely hosting exfiltrated data, the threat actor stores malicious code in GitHub repositories and uses commits tagged with the string “firedalazer” as a dynamic payload delivery mechanism.

This means that even after one account is blocked, another can seamlessly take over by pushing new commits, making the campaign highly resilient.

OX Security also identified two distinct variants of the malware, distinguished by a subtle difference: the string “Miasma: The Spreading Blight” (no space after colon) in Stage 3, versus “Miasma : The Spreading Blight” (with space) in the Stage 6 alternate payload. This detail can cause detection tools that rely on exact string matching to miss one of the two variants.

Red Hat Product Security is actively conducting build system and dependency tracking analysis to confirm whether any product builds incorporated the compromised package versions.

Based on current findings, no customer action is required at this time, though the investigation remains ongoing. Organizations are advised to monitor for known Shai-Hulud IoCs, including the “firedalazer” commit string, Miasma-related strings, and the documented encryption keys and public key pairs published by OX Security.
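The two points above, that an exact-match rule catches only one Miasma variant and that responders should check for the “firedalazer” commit tag and for affected packages in their dependency tracking, can be illustrated with a small Node.js script. This is an added example and not code from Red Hat, OX Security or the article: the only IoCs it carries are the two Miasma strings, the “firedalazer” tag and the @redhat-cloud-services namespace quoted above; the git log lines, the bundle lines and the lockfile contents are constructed, and the package names and versions in them are placeholders, not the compromised versions.

```javascript
// Added example (not from the article, Red Hat or OX Security): whitespace-
// tolerant matching for the Shai-Hulud strings named in the article, plus a
// package-lock.json inventory of the affected npm namespace so a responder can
// see which versions a build pulled in. All sample inputs are constructed.

const COMMIT_TAG = "firedalazer";
// The article quotes "Miasma: The Spreading Blight" (Stage 3) and
// "Miasma : The Spreading Blight" (Stage 6 alternate). The literals differ
// only in whitespace around the colon, so match with \s* on both sides and
// capture the whitespace before the colon to tell the two apart.
const MIASMA_RE = /Miasma(\s*):\s*The Spreading Blight/;

// Classify one line of text: the IoC name it carries, or null.
function classifyLine(line) {
  if (line.includes(COMMIT_TAG)) return "firedalazer-commit-tag";
  const m = MIASMA_RE.exec(line);
  if (m) return m[1].length === 0 ? "miasma-stage3" : "miasma-stage6-alt";
  return null;
}

// Scan an array of lines (for example `git log --format=%s` output, or a
// bundled index.js split on newlines). Returns [{lineNo, ioc, text}] per hit.
function scanLines(lines) {
  const hits = [];
  lines.forEach((text, i) => {
    const ioc = classifyLine(text);
    if (ioc) hits.push({ lineNo: i + 1, ioc, text });
  });
  return hits;
}

// Inventory every package from `namespace` in a package-lock.json.
// Handles lockfileVersion 2/3 ("packages" map keyed by install path, which
// may be nested under another package's node_modules) and lockfileVersion 1
// ("dependencies" tree). Returns a sorted array of "name@version".
function listNamespacePackages(lockText, namespace) {
  const lock = JSON.parse(lockText);
  const found = new Set();
  const prefix = namespace + "/";
  for (const [path, meta] of Object.entries(lock.packages || {})) {
    const idx = path.lastIndexOf("node_modules/");
    if (idx === -1) continue; // "" is the root project entry
    const name = path.slice(idx + "node_modules/".length);
    if (name.startsWith(prefix)) found.add(`${name}@${meta.version}`);
  }
  const walk = (deps) => {
    for (const [name, meta] of Object.entries(deps || {})) {
      if (name.startsWith(prefix)) found.add(`${name}@${meta.version}`);
      walk(meta.dependencies);
    }
  };
  walk(lock.dependencies);
  return [...found].sort();
}

// Constructed sample data: placeholder commits, placeholder package names and
// versions; only the IoC strings and the namespace come from the article.
const SAMPLE_GIT_LOG = [
  "chore: bump dependencies",
  "fix build firedalazer",
  "docs: update README",
];
const SAMPLE_BUNDLE = [
  'var banner="Miasma: The Spreading Blight";',
  'var alt="Miasma : The Spreading Blight";',
  'var ok="Miasma of unrelated text";',
];
const SAMPLE_LOCK = JSON.stringify({
  lockfileVersion: 3,
  packages: {
    "": { name: "demo-app", version: "1.0.0" },
    "node_modules/@redhat-cloud-services/example-lib": { version: "0.0.0-constructed" },
    "node_modules/left-pad": { version: "1.3.0" },
    "node_modules/foo/node_modules/@redhat-cloud-services/other-lib": { version: "0.0.0-constructed" },
  },
});

console.log(scanLines(SAMPLE_GIT_LOG));
console.log(scanLines(SAMPLE_BUNDLE));
console.log(listNamespacePackages(SAMPLE_LOCK, "@redhat-cloud-services"));
```

Run it against real data by feeding `git log --format=%s` output and the build's package-lock.json into `scanLines` and `listNamespacePackages`; the inventory tells you which namespace versions your build pulled in, which is what Red Hat's dependency tracking analysis is doing on its side, and the whitespace-tolerant regex is the fix for the exact-match gap OX Security describes.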
