Red Hat NPM Accounts Compromised in Active Supply-Chain Attack Spreading Credential-Stealing Worm Security researchers have identified an active supply-chain attack targeting official Red Hat NPM accounts, where compromised packages are deploying a self-spreading worm engineered to exfiltrate deve... Cybersecurity NPM Open Source Security Red Hat Supply Chain Attack Jun 1, 2026