1 Compromised Red Hat npm packages downloaded over 80,000 times in one week – supply chain attack still ongoing June 2, 2026