Red Hat の公式 NPM チャネル経由で数十のパッケージにバックドアが埋め込まれる Dozens of Red Hat packages backdoored through its official NPM channel

Dozens of packages distributed through Red Hat's official NPM channel have been found to contain backdoors, marking one of the more alarming supply chain security incidents to emerge in recent memory. Because the compromised packages originated from a trusted, official source, the attack was particularly difficult for developers and organizations to detect through conventional vetting practices.

The attack fits the classic profile of a software supply chain compromise: rather than targeting end users directly, the attackers inserted malicious code into the distribution pipeline itself. Anyone who downloaded the affected Red Hat packages is being urged to conduct an immediate investigation of their systems, build environments, and any downstream dependencies that may have pulled in the compromised code. The precise capabilities of the backdoor and the identity of the threat actors remain under investigation, and the full scope of the incident may not be known for some time.

Red Hat occupies a position of considerable trust in the enterprise software ecosystem. As the company behind RHEL, OpenShift, and Ansible, its official channels are widely consumed by large organizations around the world. That trust is precisely what makes a compromise of this kind so consequential — when a verified, official distribution channel is weaponized, the usual signals that developers rely on to distinguish safe packages from malicious ones simply do not apply.

Supply chain attacks have become one of the defining security threats of the decade. The SolarWinds breach in 2020, the Codecov tampering incident in 2021, and the xz Utils backdoor discovered in 2024 all demonstrated how deeply damaging interference at the distribution layer can be. The npm ecosystem in particular has been a recurring target, with typosquatting campaigns and account takeovers leading to the publication of malicious package versions on a regular basis. Incidents involving compromised official organizational accounts, however, represent a harder class of problem — one where package signing and name verification offer limited protection.

Security practitioners are once again calling attention to tools and practices designed to catch exactly this kind of threat. Software composition analysis, continuous integrity verification using tools like npm audit, and code signing via frameworks such as Sigstore can help organizations detect anomalies in their dependency chains before damage is done. Software Bills of Materials (SBOMs) — inventories of all components included in a software build — are increasingly being mandated by regulators and large enterprises as a baseline control, and incidents like this one underscore their value.

The incident is also likely to prompt renewed scrutiny of how large open-source organizations manage and secure their package registries and publishing credentials. Whether through credential theft, insider threat, or a compromise of the build infrastructure itself, the root cause of the Red Hat incident will be closely examined by the broader security community. For now, the immediate priority for any team that has consumed Red Hat NPM packages recently is investigation and containment.