VYPR
Published Jun 1, 2026 · Updated Jun 2, 2026 · 1 source

npm: 32 Official '@redhat-cloud-services' Packages Hijacked in Coordinated Scope Compromise


Key findings

  • 32 legitimate packages under the @redhat-cloud-services npm scope were simultaneously compromised
  • Affected packages include high-download libraries active for over 7 years, such as rbac-client
  • Malicious versions were published in a single coordinated action on June 1, 2026
  • Malware utilized obfuscator.io techniques and targeted local settings.json and tasks.json files
  • Organizations must immediately audit lockfiles and rotate credentials exposed in build pipelines

On June 1, 2026, a massive coordinated security incident hit the npm registry when malicious versions of 32 packages under the official @redhat-cloud-services scope were disclosed. The malicious versions were all published at the same instant, pointing to a highly automated and coordinated campaign. Rather than a typosquatting attempt, this event represents a direct compromise of an established, legitimate publisher scope, putting numerous enterprise development pipelines at immediate risk.

This is not a collection of newly registered throwaway packages. The affected libraries are long-lived, critical pieces of infrastructure first published up to seven years ago. For example, @redhat-cloud-services/rbac-client (first published in April 2019) and @redhat-cloud-services/frontend-components-utilities (first published in May 2019) each draw over 14,000 weekly downloads. The simultaneous release of malicious versions across 32 distinct packages strongly indicates that the publishing credentials or the developer accounts associated with the @redhat-cloud-services npm organization were compromised.

The attack targeted the entire frontend and client utility ecosystem for Red Hat's cloud console. Among the hijacked packages are core components such as @redhat-cloud-services/frontend-components, @redhat-cloud-services/eslint-config-redhat-cloud-services, @redhat-cloud-services/types, and @redhat-cloud-services/host-inventory-client. In each case, the threat actor published minor patch bumps (such as version 7.7.5 for a package previously at 7.7.3) so that automated dependency managers would pull the malicious updates without any change to the declared version ranges.

Behavioral analysis of the malicious releases reveals indicators of automated obfuscation and environment probing. The packages contained payload scripts obfuscated using techniques associated with obfuscator.io. Once executed during the package installation phase, the malware attempted to access local development configuration files, specifically targeting settings.json and tasks.json. These files are commonly used by integrated development environments (IDEs) like VS Code to store sensitive workspace configurations, environment variables, or automated build tasks. Additionally, references to infrastructure domains like kubernetes.io suggest the malware may have been designed to detect and exfiltrate configuration details from active container orchestration environments.

The severity of this scope compromise is critical. Because these packages are deeply integrated into Red Hat's cloud console and frontend development workflows, any build system, CI/CD pipeline, or local developer machine that pulled the compromised versions must be considered fully compromised. Attackers operating with the execution context of these packages could easily harvest environment variables, cloud provider credentials, and internal npm publishing tokens.

Organizations utilizing Red Hat Cloud Services components must immediately audit their dependency trees. Security teams should inspect package-lock.json, yarn.lock, or pnpm-lock.yaml for the specific malicious versions published on June 1, 2026. Developers should pin their dependencies to known-safe versions released prior to this date, rotate all secrets and API keys exposed in affected environments, and review registry logs for unauthorized publishing activity.
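The lockfile audit described above, as an added example (not code from the advisory, Vypr or Red Hat): it lists every @redhat-cloud-services entry in a package-lock.json and flags versions published on or after June 1, 2026, treating a version the registry no longer lists as a signal in its own right. The lockfile and publish-time map are constructed sample data; in real use the times come from `npm view <pkg> time --json` for each package.

```javascript
// Added example (not from the advisory, Vypr or Red Hat): audit an npm lockfile for
// @redhat-cloud-services entries and flag resolved versions published on or after the
// incident date. Real publish times come from `npm view <pkg> time --json`; the lockfile
// and time map below are constructed so the script runs offline.
const SCOPE = '@redhat-cloud-services/';
const INCIDENT_CUTOFF = new Date('2026-06-01T00:00:00Z');

// Collect {name, version} for every scoped package: lockfileVersion 2/3 ("packages"
// keyed by node_modules path) or lockfileVersion 1 (nested "dependencies").
function scopedEntries(lock, scope = SCOPE) {
  const found = new Map();
  const add = (name, meta) => {
    if (name.startsWith(scope)) found.set(`${name}@${meta.version}`, { name, version: meta.version });
  };
  if (lock.packages) {
    for (const path of Object.keys(lock.packages)) {
      const idx = path.lastIndexOf('node_modules/');      // "" (root project) has none
      if (idx !== -1) add(path.slice(idx + 'node_modules/'.length), lock.packages[path]);
    }
  } else {
    const walk = (deps) => Object.entries(deps || {}).forEach(([name, meta]) => {
      add(name, meta);
      walk(meta.dependencies);                            // v1 nests transitive deps
    });
    walk(lock.dependencies);
  }
  return [...found.values()];
}
// SUSPECT: published on/after the cutoff. UNKNOWN: the registry no longer lists the
// version (npm pulls malicious releases, so absence is itself a signal to investigate).
function auditLock(lock, publishTimes, cutoff = INCIDENT_CUTOFF) {
  return scopedEntries(lock).map(({ name, version }) => {
    const publishedAt = publishTimes[name]?.[version] ?? null;
    const status = !publishedAt ? 'UNKNOWN' : new Date(publishedAt) >= cutoff ? 'SUSPECT' : 'ok';
    return { name, version, publishedAt, status };
  });
}
// Constructed sample data: lockfileVersion 3 layout and the shape of `npm view time --json`.
const sampleLock = { lockfileVersion: 3, packages: {
  '': { name: 'console-app' },
  'node_modules/@redhat-cloud-services/rbac-client': { version: '7.7.5' },
  'node_modules/@redhat-cloud-services/types': { version: '1.2.3' },
  'node_modules/@redhat-cloud-services/host-inventory-client': { version: '9.9.9' },
  'node_modules/lodash': { version: '4.17.21' } } };
const samplePublishTimes = {
  '@redhat-cloud-services/rbac-client': { '7.7.3': '2026-03-10T09:00:00.000Z', '7.7.5': '2026-06-01T12:00:00.000Z' },
  '@redhat-cloud-services/types': { '1.2.3': '2025-11-02T08:00:00.000Z' },
  '@redhat-cloud-services/host-inventory-client': {} };
if (typeof require !== 'undefined' && require.main === module) console.table(auditLock(sampleLock, samplePublishTimes));
```

Run it against a real lockfile by replacing the two constructed objects with the parsed package-lock.json and the per-package output of `npm view <pkg> time --json`; yarn.lock and pnpm-lock.yaml need their own parsers but the same date check applies.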

Synthesized by Vypr AI