At least 32 packages in an official Red Hat namespace were reported compromised, showing how a single poisoned dependency can turn routine installs into a secret-harvesting event.
A hacking group’s release of Shai-Hulud worm source code raises the risk of reuse, copycat abuse, and fresh pressure on developer ecosystems.