Compromise of 32 Red Hat packages in the NPM directory and 1,577 packages in the AUR repository

Who are we? Red Hat!

A good addition to the collection.
The news needs to be given time to settle, and then the details can be savored.

  • Red Hat, RED HAT, CARL!
  • GitHub Actions, as usual.
  • NPM, we’re already used to it.
  • Arch User Repository, now that is more interesting.

The Return of Shai-Hulud: Red Hat NPM Packages Compromised.

96 versions across 32 packages have been compromised; together these packages are downloaded 116,991 times per week.

Think Fast Archlinux - Arch User Repository


1577 malicious packages in Arch User Repository.
AUR malware report thread.
Analysis of AUR malware.


What do we have as a result?
Red Hat, who would have thought?
AUR, the legitimate repository of the distribution.
If this continues, trust in the main distribution repositories will soon be lost.