Mini Shai-Hulud Campaign Hits Red Hat Cloud Services npm Packages
A supply chain attack targeted multiple @redhat-cloud-services npm packages by embedding malicious payloads that execute automatically during package installation via preinstall hooks. The malware uses AES-GCM encrypted payloads and obfuscated JavaScript loaders to steal sensitive credentials and secrets including GitHub Actions secrets, npm tokens, cloud provider credentials (AWS, Azure, GCP), Kubernetes and Vault data, SSH keys, Git credentials, and cryptocurrency wallet files. It can persist on developer workstations as a daemon, avoids execution in Russian locales, and exfiltrates stolen data over encrypted HTTPS with fallback to GitHub API channels. The campaign mimics tactics from the publicly available Shai-Hulud toolkit, but attribution remains unclear due to open-source availability of the attack tools. No patch or official remediation guidance is currently provided.
AI Analysis
Technical Summary
This threat involves a supply chain compromise of multiple npm packages under the @redhat-cloud-services namespace. Malicious code runs automatically during package installation via preinstall hooks, using AES-GCM encrypted payloads and obfuscated JavaScript to harvest a wide range of credentials and secrets from developer environments. The malware persists by daemonizing on infected workstations and uses locale checks to avoid running in Russian environments. Data is exfiltrated over encrypted HTTPS, with GitHub API endpoints as a fallback channel. The attack shares similarities with the Shai-Hulud toolkit but lacks confirmed attribution. There is no indication of known exploits in the wild or available patches at this time.
Potential Impact
The attack compromises developer environments by stealing critical credentials and secrets used for continuous integration/deployment pipelines, cloud infrastructure, source code repositories, and cryptocurrency wallets. This can lead to unauthorized access to cloud resources, source code repositories, and potentially financial theft. The persistence of the malware on developer workstations increases the risk of prolonged exposure and further compromise. The campaign's use of encrypted exfiltration channels complicates detection and response.
Mitigation Recommendations
Patch status is not yet confirmed; check the vendor advisory for current remediation guidance. Until official fixes or advisories are available, organizations should audit and monitor use of @redhat-cloud-services npm packages, review or restrict package installation policies, and verify the integrity of dependencies. Developers should be cautious with npm package sources and consider isolating build environments. No vendor advisory indicating 'no action required' or official fixes is currently available.
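As an added defender-side check for the audit advice above (example code, not from the advisory, Socket, or Red Hat), this script lists every installed package that declares an install-time lifecycle hook, flags those in the @redhat-cloud-services scope, and optionally matches the .js files a package ships against a caller-supplied set of SHA-256 hashes. The node_modules tree it builds for demonstration is constructed, not real package contents.

```python
"""Audit a node_modules tree for packages that run code at install time via
preinstall/install/postinstall hooks. Added example; all package data is constructed."""
import hashlib, json, os, tempfile

INSTALL_HOOKS = ("preinstall", "install", "postinstall")

def sha256_of(path):
    with open(path, "rb") as f:
        return hashlib.sha256(f.read()).hexdigest()

def audit_node_modules(root, scope="@redhat-cloud-services", ioc_hashes=frozenset()):
    """One finding per package.json under root that declares an install-time hook,
    flagging the watched scope and any .js file whose SHA-256 is in ioc_hashes."""
    findings = []
    for dirpath, _dirs, files in os.walk(root):
        if "package.json" not in files:
            continue
        try:
            with open(os.path.join(dirpath, "package.json"), encoding="utf-8") as f:
                meta = json.load(f)
            scripts = dict(meta.get("scripts") or {})
        except (OSError, ValueError, TypeError, AttributeError):
            continue  # unreadable or malformed manifest: skip rather than abort the audit
        hooks = {k: v for k, v in scripts.items() if k in INSTALL_HOOKS}
        if not hooks:
            continue  # no install-time execution, nothing to report
        name = str(meta.get("name", "?"))
        matched = [fn for fn in sorted(files) if fn.endswith(".js")
                   and sha256_of(os.path.join(dirpath, fn)) in ioc_hashes]
        findings.append({"name": name, "version": meta.get("version", "?"), "hooks": hooks,
                         "in_scope": name.startswith(scope + "/"), "ioc_match": matched})
    return findings

def build_sample_tree():
    """Constructed fixture (not real package contents): a scoped package with a
    preinstall hook plus a clean package. Returns (root, hooked loader path)."""
    root = tempfile.mkdtemp()
    hooked = os.path.join(root, "node_modules", "@redhat-cloud-services", "sample-pkg")
    clean = os.path.join(root, "node_modules", "sample-clean-pkg")
    os.makedirs(hooked); os.makedirs(clean)
    with open(os.path.join(hooked, "package.json"), "w", encoding="utf-8") as f:
        json.dump({"name": "@redhat-cloud-services/sample-pkg", "version": "0.0.1",
                   "scripts": {"preinstall": "node setup_bundle.js"}}, f)
    loader = os.path.join(hooked, "setup_bundle.js")
    with open(loader, "w", encoding="utf-8") as f:
        f.write("// constructed placeholder, not the real loader\n")
    with open(os.path.join(clean, "package.json"), "w", encoding="utf-8") as f:
        json.dump({"name": "sample-clean-pkg", "version": "1.0.0", "scripts": {"test": "node t.js"}}, f)
    return root, loader
```

Setting `ignore-scripts=true` in `.npmrc` stops npm from running these hooks at install time; the audit shows which already-installed packages declare one.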
Indicators of Compromise
Technical Details
- Author: AlienVault
- TLP: white
- References: https://socket.dev/blog/mini-shai-hulud-campaign-hits-red-hat-cloud-services-npm-packages
- Adversary: not specified
- Pulse Id: 6a1dde0e4e662ca1f8b4b0b2
- Threat Score: not specified
Threat ID: 6a1ea36de29bf47b50b81e52
Added to database: 6/2/2026, 9:33:33 AM
Last enriched: 6/2/2026, 9:48:26 AM
Last updated: 6/2/2026, 5:26:16 PM