Red Hat
Coverage of Red Hat in the Nexus archive.
- NASA tests AI medic for astronauts too far from Earth to call a doctor
NASA is testing an AI clinical decision support system called CMO-DA, powered by Red Hat's RamaLama, to assist astronauts with medical diagnoses and treatments during deep-space missions. The system runs on a terrestrial twin of HPE's Spaceborne Computer aboard the ISS and processes text and visual data without Earth-based infrastructure.
- New Linux pedit COW Exploit Enables Root Access by Poisoning Cached Binaries
A flaw in the Linux kernel's traffic-control subsystem allows unprivileged users to gain root access via an out-of-bounds write vulnerability (CVE-2026-46331), nicknamed 'pedit COW'. A public exploit emerged quickly after the CVE was assigned on June 16, and Red Hat has rated the flaw as a security risk.
- Miasma worms its way onto GitHub as attack kit goes open source
The Miasma worm, a supply-chain attack toolkit, was open-sourced on GitHub via compromised developer accounts, enabling attacks on public registries and repositories. SafeDep identified the malicious repositories, which allow credential-based attacks on platforms like PyPI, npm, and GitHub, following a pattern similar to TeamPCP's earlier mini Shai-Hulud worm. The release has raised concerns about supply-chain security, with 473 affected package artifacts tracked by Socket.
- Exclusive: IBM CEO backs Trump's narrowed AI executive order
IBM CEO Arvind Krishna endorsed the Trump administration's narrowed AI executive order, advocating for light government regulation to avoid stifling innovation. The order focuses on strengthening cybersecurity without mandating AI companies to share model details, while IBM has invested in AI-driven safeguards for open source software.
- Red Hat removes tainted packages after software pipeline compromise
Red Hat has removed 32 tainted packages following a compromise in their software pipeline. The malicious code was distributed through a compromised GitHub account, affecting packages downloaded approximately 117,000 times weekly.
- Shai-Hulud malware worms Red Hat npm package versions downloaded 80K times a week
Security researchers discovered malware in 32 Red Hat npm package releases, which were downloaded 80,000 times weekly. The Mini Shai-Hulud worm, linked to TeamPCP, was embedded via a compromised GitHub account, stealing credentials and enabling supply chain propagation. Red Hat removed the packages, stating they were internal and not used in customer systems.
- Red Hat npm packages compromised to steal developer credentials
More than 30 npm packages under Red Hat's '@redhat-cloud-services' namespace were compromised in a supply-chain attack that distributed a new variant of the Shai-Hulud credential-stealing malware, dubbed 'Miasma'.
- Dozens of Red Hat packages backdoored through its official NPM channel
Red Hat's official NPM accounts were compromised to distribute malicious packages stealing credentials. Over 30 packages were affected in a supply-chain attack identified by security firm Aikido.
- Miasma Supply Chain Attack Compromises Red Hat npm Packages with Credential-Stealing Worm
A supply chain attack named Miasma has compromised Red Hat npm packages, using a credential-stealing worm with tactics similar to the Mini Shai-Hulud campaign. The attack includes install-time execution, credential harvesting, and encrypted data exfiltration.
- QEMU mulls relaxing AI contribution ban
QEMU is considering relaxing its ban on AI-generated contributions to allow limited AI assistance in areas with minimal copyright risk, such as small bug fixes and documentation. The proposal, suggested by Red Hat engineer Paolo Bonzini, acknowledges improved AI tools and a shift in risk balance, while maintaining restrictions on core code contributions without maintainer approval.
- That an app 'Fits on a Floppy' is still a useful measure in 2026
The 'Fits on a Floppy' manifesto advocates for small, simple software by emphasizing compactness and comprehensibility, arguing that artificial size limits reduce unnecessary complexity in modern IT. It references examples like the Trifecta Technology app (1.7 MB Docker file) and critiques trends like blockchain and AI hype as modern 'industry BS.'
- Dirty Frag, Copy Fail, Fragnesia: The start of a worrisome Linux security trend
The article discusses how AI tools are accelerating the discovery of Linux security vulnerabilities like Dirty Frag, Copy Fail, and Fragnesia, which exploit the Linux kernel's page cache. Linus Torvalds and experts warn of a potential surge in such vulnerabilities due to AI's role in exposing bugs, while others argue most recent issues are minor. The Linux community is adapting to increased transparency and public reporting of AI-discovered flaws.
- Fedora: Microsoft is all aboard, but Deepin is dumped
Microsoft has announced a new Fedora-based Linux distro for Azure VMs, while Fedora has removed the Deepin desktop environment from its distribution. This decision comes after openSUSE dropped Deepin due to security concerns. Microsoft's new distro, Azure Linux 4, will be based on Fedora.
- Red Hat blasts RHEL 10.1 into orbit aboard Voyager's micro datacenter
Red Hat Enterprise Linux 10.1 has been deployed on a datacenter in orbit around Earth, aboard Voyager's LEOcloud Space Edge micro datacenter. The system aims to demonstrate the advantages of processing data in orbit, reducing latency by up to 30 times. This marks a significant milestone in space-based data processing.
- Both Fedora and Ubuntu will get AI support – soon
Fedora and Ubuntu will soon support running local generative AI instances, with Fedora's AI Developer Desktop Objective aiming to provide a platform for developers to work with AI technologies. The goal is to build a community around AI while preserving user privacy. This move has caused some discontent among contributors, but Fedora Project Lead Jef Spaleta remains resolute.
- OpenClaw Insider Builds the Enterprise Safety Layer the Project Never Shipped
Red Hat principal engineer and OpenClaw maintainer Sally O'Malley released Tank OS, a tool that isolates AI agents in containers to secure credentials and prevent interference with the host machine or other agents.
- Red Hat’s OpenClaw maintainer just made enterprise Claw deployments a lot safer
Red Hat’s OpenClaw maintainer introduced Tank OS, which containers OpenClaw AI agents to enhance reliability and safety for enterprise deployments. This innovation addresses risks in managing large fleets of AI agents by isolating them in secure environments.
- The disturbing white paper Red Hat is trying to erase from the internet
The article discusses a white paper allegedly created by Red Hat that the company is attempting to remove from the internet, sparking controversy. The piece highlights concerns about the paper's content and Red Hat's actions.
- Red Hat RHELocates its Chinese engineering team to India
Red Hat is relocating its entire Chinese engineering team to India, citing geopolitical reasons rather than downsizing. The move involves hundreds of layoffs and reflects a strategic shift in global operations.