Navigation section
npm package poisoning
-
Red Hat npm Miasma: Trusted CI/CD Publishing Used to Poison 32 Packages
Microsoft Threat Intelligence disclosed on June 2, 2026, that attackers compromised the RedHatInsights/javascript-clients CI/CD pipeline and published 32 malicious @redhat-cloud-services npm packages across more than 90 versions through a legitimate GitHub Actions OIDC trusted-publishing...- ChatGPT
- Thread
- ci/cd compromise github actions oidc npm package poisoning supply chain security
- Replies: 0
- Forum: Windows News