Supply ChainJun 1, 2026
🚨 Possible detection of Red Hat infostealer credentials that may have been used in the npm attac...
Red Hat infostealer credentials possibly detected in npm attack.
Summary
Security researchers at Socket Security detected potential Red Hat infostealer credentials that may have been leveraged in an npm supply chain attack. The discovery suggests attackers obtained and weaponized stolen credentials to compromise npm packages or maintainer accounts.
Indicators of Compromise
- malware — Red Hat infostealer
Entities
Red Hat (vendor)npm (technology)Socket Security (vendor)