Skip to content
HN On Hacker News ↗

[SECURITY]: Malicious npm releases detected across `@redhat-cloud-services/` scope

G github.com
▲ 775 points 454 comments by kurmiashish 3w ago HN discussion ↗

Pangram verdict · v3.3

We believe that this document is fully human-written

1 %

AI likelihood · overall

Human
100% human-written 0% AI-generated
SEGMENTS · HUMAN 3 of 3
SEGMENTS · AI 0 of 3
WORD COUNT 136
PEAK AI % 1% · §1
Analyzed
Jun 1
backend: pangram/v3.3
Segments scanned
3 windows
avg 45 words each
Distribution
100 / 0%
human / AI fraction
Verdict
Human
Pangram v3.3

Article text · 136 words · 3 segments analyzed

Human AI-generated
§1 Human · 1%

Ref:

https://www.stepsecurity.io/blog/multiple-redhat-cloud-services-npm-packages-compromised https://app.stepsecurity.io/oss-security-feed?q=@redhat-cloud-services

Affected Packages (updated)

Package Compromised Versions

@redhat-cloud-services/chrome 2.3.1, 2.3.2, 2.3.4

@redhat-cloud-services/compliance-client 4.0.3, 4.0.4, 4.0.6

@redhat-cloud-services/config-manager-client 5.0.4, 5.0.5, 5.0.7

@redhat-cloud-services/entitlements-client 4.0.11, 4.0.12, 4.0.14

@redhat-cloud-services/eslint-config-redhat-cloud-services 3.2.1, 3.2.2, 3.2.4

@redhat-cloud-services/frontend-components 7.7.2, 7.7.3, 7.7.5

@redhat-cloud-services/frontend-components-advisor-components 3.8.2, 3.8.4, 3.8.6

@redhat-cloud-services/frontend-components-config 6.11.3, 6.11.4, 6.11.6

@redhat-cloud-services/frontend-components-config-utilities 4.11.2, 4.11.3, 4.11.5

@redhat-cloud-services/frontend-components-notifications 6.9.2, 6.9.3, 6.9.5

@redhat-cloud-services/frontend-components-remediations 4.9.2, 4.9.3, 4.9.5

@redhat-cloud-services/frontend-components-testing 1.2.1, 1.2.2, 1.2.4

@redhat-cloud-services/frontend-components-translations 4.4.1, 4.4.2, 4.4.4

§2 Human · 1%

@redhat-cloud-services/frontend-components-utilities 7.4.1, 7.4.2, 7.4.4

@redhat-cloud-services/hcc-feo-mcp 0.3.1, 0.3.2, 0.3.4

@redhat-cloud-services/hcc-kessel-mcp 0.3.1, 0.3.2, 0.3.4

@redhat-cloud-services/hcc-pf-mcp 0.6.1, 0.6.2, 0.6.4

@redhat-cloud-services/host-inventory-client 5.0.3, 5.0.4, 5.0.6

@redhat-cloud-services/insights-client 4.0.4, 4.0.5, 4.0.7

@redhat-cloud-services/integrations-client 6.0.4, 6.0.5, 6.0.7

@redhat-cloud-services/javascript-clients-shared 2.0.8, 2.0.9, 2.0.11

@redhat-cloud-services/notifications-client 6.1.4, 6.1.5, 6.1.7

@redhat-cloud-services/patch-client 4.0.4, 4.0.5, 4.0.7

@redhat-cloud-services/quickstarts-client 4.0.11, 4.0.12, 4.0.14

@redhat-cloud-services/rbac-client 9.0.3, 9.0.4, 9.0.6

@redhat-cloud-services/remediations-client 4.0.4, 4.0.5, 4.0.7

@redhat-cloud-services/rule-components 4.7.2, 4.7.3, 4.7.5

@redhat-cloud-services/sources-client

§3 Human · 1%

3.0.10, 3.0.11, 3.0.13

@redhat-cloud-services/topological-inventory-client 3.0.10, 3.0.11, 3.0.13

@redhat-cloud-services/tsc-transform-imports 1.2.2, 1.2.4, 1.2.6

@redhat-cloud-services/types 3.6.1, 3.6.2, 3.6.4

@redhat-cloud-services/vulnerabilities-client 2.1.9, 2.1.11