Multiple official @redhat-cloud-services npm packages were compromised with a credential-stealing worm derived from the open-sourced Mini Shai-Hulud malware, targeting cloud credentials, and developer tooling across CI/CD pipelines.
Side Note: It was already believed that SSH encryption was broken by state actors since the first NSA leaks. So, people should at least always use it over another encrypted channel anyway.
Dare I ask, what ssh thing?
Side Note: It was already believed that SSH encryption was broken by state actors since the first NSA leaks. So, people should at least always use it over another encrypted channel anyway.