Multiple official @redhat-cloud-services npm packages were compromised with a credential-stealing worm derived from the open-sourced Mini Shai-Hulud malware, targeting cloud credentials, and developer tooling across CI/CD pipelines.
I can’t decide if this is real or an advertisement for the linked article service. I don’t see any CVE in the article which seems to be a good indication of the quality of the content.
I’m not saying that this is misinformation, but I’m extremely sceptical about the nature of this article.
I can’t decide if this is real or an advertisement for the linked article service. I don’t see any CVE in the article which seems to be a good indication of the quality of the content.
I’m not saying that this is misinformation, but I’m extremely sceptical about the nature of this article.
I did see it also here - https://thecybersecguru.com/news/red-hat-npm-packages-compromised-miasma-worm/
It can be both
Like Inception.
The article service that talks about a compromise to steal credentials that secretly steals your credentials.