Dozens of Red Hat packages backdoored through its official NPM channel
Posted by sheep5555@reddit | sysadmin | 19 comments
https://arstechnica.com/security/2026/06/dozens-of-red-hat-packages-backdoored-through-its-offical-npm-channel/
Yikes!
BrokenPickle7@reddit
Man, cyber security has been shit lately in terms of operating systems. I blame AI.
Kortok2012@reddit
Funny how they got the AI to find and exploit weaknesses, but it sure does a piss poor job of patching them.
TrueRedditMartyr@reddit
Faster to have a robot patrol a wall real quick looking for a hole rather than fill every single hole in a wall
TuxAndrew@reddit
Shouldn’t they also be able to scan their own systems for those same holes?
TrueRedditMartyr@reddit
Yes, but again, scanning 100s of miles of wall and patching every single hole is a lot harder than scanning 100s of miles needing to find only a single hole.
Fixing a hole, you need to do it in a way you don't cause any others, fast enough that you have time to keep going, and often enough to close anything new.
Finding a hole, you need to find a hole. It's the classic "You needed to get lucky every time. I needed to get lucky once."
HabitAltruistic5648@reddit
I’ve never seen a better example of the whole problem with AI
linkoid01@reddit
Some were the result of social engineering over the course of months and even years.
Ancient-Bat1755@reddit
Which, ironically, social engineering and phishing attacks are often automated via AI now.
unixuser011@reddit
I’m tired, boss
Guessing it was TeamPCP who’s been doing similar supply chain attacks before
ITRabbit@reddit
We are never going to stop the zero days. But we can control what servers can and cannot communicate to. Stop having a flat network that can access everything and anything.
But this is a pipe dream; we usually inherited a cluster f and have to play politics with managers, CFOs and CEOs - then they go puckered face when they get breached... how could this have happened uwu :s
I don't know, CFO Bob, but maybe it was the lack of funding, staff and cost cutting to get your end of year bonus for your cruise ship holiday!
Hotshot55@reddit
But that means I have to do more work!!
Kuipyr@reddit
It’s honestly stupid easy on Linux to isolate hosts. Windows however…
PictureFamiliar1267@reddit
How is it tough for Windows?
SmasherOfDaButtons@reddit
Nah, just let AI fix the problem. AI can fix it, right? Right?? /KindamaybesortaS
Immutable-State@reddit
Another example of why one should disable NPM scripts globally by default (until you're quite sure you need it and understand the risks). Many attacks come through install scripts, comparatively fewer seem to come through the code payloads (for now).
Fox_Season@reddit
Can we just remove npm from the internet
matjam@reddit
I’m willing to consider it
What did you have in mind? Nuke it from orbit? It’s really the only way to be sure.
VoidSnug@reddit
Why is it always npm?
safalafal@reddit
https://xeiaso.net/shitposts/no-way-to-prevent-this/supply-chain/2026-redhat-javascript-clients/