New #ShaiHulud attack trojanizes 19 #science-focused #PyPI packages
Mini Shai-Hulud, Miasma, and Hades Worms Target Bioinformatics and MCP Developers via Malicious PyPI Wheels
Pulse ID: 6a28fbc16e4ce3f43022dd1e
Pulse Link: https://otx.alienvault.com/pulse/6a28fbc16e4ce3f43022dd1e
Pulse Author: Tr1sa111
Created: 2026-06-10 05:53:05
Be advised, this data is unverified and should be considered preliminary. Always do further verification.
#CyberSecurity #ICS #InfoSec #OTX #OpenThreatExchange #PyPI #Worm #bot #developers #Tr1sa111
Mini Shai-Hulud, Miasma, and Hades Worms Target Bioinformatics and MCP Developers via Malicious PyPI Wheels
Pulse ID: 6a28fbbe58c41899fd74c0f6
Pulse Link: https://otx.alienvault.com/pulse/6a28fbbe58c41899fd74c0f6
Pulse Author: Tr1sa111
Created: 2026-06-10 05:53:02
Be advised, this data is unverified and should be considered preliminary. Always do further verification.
#CyberSecurity #ICS #InfoSec #OTX #OpenThreatExchange #PyPI #Worm #bot #developers #Tr1sa111
uv allows me to install Python packages directly from GitHub.
Should I push mine to PyPI, or can I just use GitHub too?
Hear from PSF's @pypi Support Specialist Maria Ashna on what her day-to-day looks like, how she cleared multiple months-long backlogs, and the future of PyPI Orgs in this Behind the Commit episode from Mia Bajić.

PyPI Packages Poisoned in Hades Supply Chain Attack
Malicious actors have launched a supply-chain attack on the Python Package Index (PyPI), infecting 19 packages with 37 tainted versions that can download and execute a hidden JavaScript payload. This sneaky Hades campaign uses poisoned Python packages to spread its reach, putting developers and users at risk.
Mini Shai-Hulud, Miasma, and Hades Worms Target Bioinformatics and MCP Developers via Malicious PyPI Wheels
A sophisticated supply chain attack campaign has expanded to 471 affected artifacts across npm and PyPI, targeting developers through malicious packages. The campaign uses three distinct delivery methods: executable .pth startup hooks, trojanized native .abi3.so extensions that execute at import time, and a split loader-payload architecture that searches Python's sys.path. Twenty-three newly identified PyPI packages masquerade as bioinformatics tools, AI frameworks, and popular libraries like requests and Flask. The attack deploys heavily obfuscated JavaScript stealers via Bun runtime, harvesting high-value credentials including GitHub tokens, npm registry access, cloud credentials, SSH keys, and CI/CD secrets. The malware employs anti-analysis techniques with fake LLM prompt-injection headers designed to disrupt AI-assisted security scanners, while targeting developer workstations and automated build environments.
Pulse ID: 6a2719a5f6621cb5014a256d
Pulse Link: https://otx.alienvault.com/pulse/6a2719a5f6621cb5014a256d
Pulse Author: AlienVault
Created: 2026-06-08 19:36:05
Be advised, this data is unverified and should be considered preliminary. Always do further verification.
#Cloud #CyberSecurity #GitHub #ICS #InfoSec #Java #JavaScript #Malware #NPM #OTX #OpenThreatExchange #PyPI #Python #SSH #SupplyChain #Trojan #Worm #bot #developers #AlienVault
Miasma Worm Campaign Spreads with New PyPI Wave
Pulse ID: 6a279cfe3e158af45588e99b
Pulse Link: https://otx.alienvault.com/pulse/6a279cfe3e158af45588e99b
Pulse Author: Tr1sa111
Created: 2026-06-09 04:56:30
Be advised, this data is unverified and should be considered preliminary. Always do further verification.
#CyberSecurity #InfoSec #OTX #OpenThreatExchange #PyPI #Worm #bot #Tr1sa111
A new wave of the Shai-Hulud attack has been uncovered, targeting 19 PyPI packages vital for scientific computing. This campaign, tracked by Socket, uses Python's startup hooks and the Bun runtime to steal GitHub tokens, cloud credentials, and more. It highlights a critical vulnerability in the software supply chain that affects developers and researchers alike.
#cybersecurity #shaihulud #pypi
🤖 This post was AI-generated.
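The pulse above and the Socket summary both describe the same start-up hook trick: Python's `site.py` exec()s any line in a site-packages `.pth` file that begins with `import `, so a planted `.pth` runs on every interpreter launch, and the same packages ship `.abi3.so` extensions that run native code at import. The scanner below is an added example written for this page, not code from Socket, AlienVault, or any of the campaigns named; the allowlist of known hooks, the suspicious-token heuristics and the sample site-packages tree are assumptions constructed for the demo.

```python
import re
import tempfile
from pathlib import Path

# site.py exec()s any non-comment .pth line that begins with "import " or "import\t"
# at every interpreter start-up; all other lines are treated as paths to add to sys.path.
IMPORT_PREFIXES = ("import ", "import\t")

# Well-known legitimate start-up hooks (assumed allowlist; extend for your environment).
KNOWN_HOOKS = {"distutils-precedence.pth", "_virtualenv.pth"}

# Markers a legitimate hook has no reason to carry (assumed heuristics, not a signature).
SUSPICIOUS = re.compile(
    r"exec\(|eval\(|compile\(|base64|marshal|zlib|codecs\.decode|"
    r"subprocess|os\.system|urllib|socket|ctypes|\\x[0-9a-fA-F]{2}"
)
MAX_SANE_LINE = 200


def executed_pth_lines(pth_path):
    """Return (line_no, text) for every line site.py would exec() from this .pth file."""
    hits = []
    with open(pth_path, encoding="utf-8", errors="replace") as fh:
        for n, raw in enumerate(fh, 1):
            line = raw.rstrip("\n")
            if line.startswith("#") or not line.strip():
                continue
            if line.startswith(IMPORT_PREFIXES):
                hits.append((n, line))
    return hits


def classify(pth_name, line):
    """'known' for allowlisted hooks, 'suspicious' on obfuscation/exec markers, else 'review'."""
    if pth_name in KNOWN_HOOKS:
        return "known"
    if SUSPICIOUS.search(line) or len(line) > MAX_SANE_LINE:
        return "suspicious"
    return "review"


def scan_site_packages(root):
    """Report executed .pth lines and stable-ABI extensions under one site-packages dir."""
    root = Path(root)
    findings = {"pth": [], "native": []}
    # site.py only reads .pth files that sit directly in the site directory.
    for pth in sorted(root.glob("*.pth")):
        for n, line in executed_pth_lines(pth):
            findings["pth"].append({"file": pth.name, "line": n,
                                    "verdict": classify(pth.name, line), "text": line})
    # .abi3.so files run native code at import; list them for triage against
    # what the upstream project actually ships (a pure-Python project should have none).
    for so in sorted(root.rglob("*.abi3.so")):
        findings["native"].append(so.relative_to(root).as_posix())
    return findings


def suspicious_hooks(findings):
    """Names of .pth files that carry at least one suspicious executed line."""
    return sorted({f["file"] for f in findings["pth"] if f["verdict"] == "suspicious"})


def build_demo_tree():
    """Constructed sample site-packages tree (not a real package) to exercise the scanner."""
    root = Path(tempfile.mkdtemp(prefix="site-packages-"))
    # Legitimate hooks as shipped by setuptools and virtualenv.
    (root / "distutils-precedence.pth").write_text(
        "import os; var = 'SETUPTOOLS_USE_DISTUTILS'; enabled = "
        "os.environ.get(var, 'local') == 'local'; enabled and "
        "__import__('_distutils_hack').add_shim(); \n")
    (root / "_virtualenv.pth").write_text("import _virtualenv\n")
    # Ordinary path entry: never executed.
    (root / "mypkg.pth").write_text("/opt/mypkg/lib\n")
    # Constructed hook in the style described above: decode-and-exec at start-up
    # (the payload here is just base64 of a harmless print call).
    (root / "zzz_helper.pth").write_text(
        "import base64,sys;exec(base64.b64decode(b'cHJpbnQoJ2hvb2snKQ=='))\n")
    # Constructed stable-ABI extension inside a "bioinformatics" package (ELF header only).
    (root / "fastbio").mkdir()
    (root / "fastbio" / "_speedups.abi3.so").write_bytes(b"\x7fELF")
    return root


if __name__ == "__main__":
    result = scan_site_packages(build_demo_tree())
    for f in result["pth"]:
        print(f"{f['verdict']:10} {f['file']}:{f['line']}  {f['text'][:60]}")
    print("native extensions:", result["native"])
    print("suspicious hooks:", suspicious_hooks(result))
```

Run it against each real site directory reported by `python -c "import site; print(site.getsitepackages())"` and against CI build images, since the pulse lists automated build environments as targets. A `review` verdict means an executed line that is neither allowlisted nor obviously obfuscated; read it by hand rather than tuning the regex until it disappears.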