Storia in 5 fonti

New Shai-Hulud attack trojanizes 19 science-focused PyPI packages

Hackers compromised 19 packages on the PyPI, collectively downloaded hundreds of thousands of times, in a new Shai-Hulud supply-chain attack that delivered malware designed to steal developer secrets.

Raccontata da

Confronto fonti

5 prospettive sulla stessa storia

AI · summaries

bleepingcomputer.comStai leggendo3 g fa

New Shai-Hulud attack trojanizes 19 science-focused PyPI packages

originale

securityweek.com2 g fa

Over 100 NPM, PyPI Packages Hit in New Shai-Hulud Supply Chain Attacks

Over 100 NPM and PyPI packages were injected with malicious code in the Miasma and Hades Shai-Hulud supply chain attack variants.

Leggi questa versione → originale

about.gitlab.com3 g fa

Shai-Hulud copycat campaign targets Python developers through PyPI typosquatting

GitLab’s Vulnerability Research team has uncovered a new Python supply chain attack targeting PyPI, deploying the Shai-Hulud worm to steal credentials from CI/CD systems.

Leggi questa versione → originale

darkreading.com3 g fa

'Hades' Attacks on PyPI Put New Spin on Shai-Hulud

The latest attacks, which hit 37 PyPI wheels and 19 code packages, show a continued evolution of the supply chain threat.

Leggi questa versione → originale

thehackernews.com3 g fa

Hades PyPI Attack: 19 Packages Poisoned to Auto-Run Bun Credential Stealer

Hades, a new PyPI branch of the Mini Shai-Hulud/Miasma supply chain campaign, hit 37 malicious wheels across 19 packages.

Leggi questa versione → originale

Timeline cronologica

lunedì 8 giugno 2026·darkreading.com
'Hades' Attacks on PyPI Put New Spin on Shai-Hulud
The latest attacks, which hit 37 PyPI wheels and 19 code packages, show a continued evolution of the supply chain threat.
lunedì 8 giugno 2026·bleepingcomputer.com
New Shai-Hulud attack trojanizes 19 science-focused PyPI packages
Hackers compromised 19 packages on the PyPI, collectively downloaded hundreds of thousands of times, in a new Shai-Hulud supply-chain attack that delivered malware designed to…
martedì 9 giugno 2026·about.gitlab.com
Shai-Hulud copycat campaign targets Python developers through PyPI typosquatting
GitLab’s Vulnerability Research team has uncovered a new Python supply chain attack targeting PyPI, deploying the Shai-Hulud worm to steal credentials from CI/CD systems.
martedì 9 giugno 2026·thehackernews.com
Hades PyPI Attack: 19 Packages Poisoned to Auto-Run Bun Credential Stealer
Hades, a new PyPI branch of the Mini Shai-Hulud/Miasma supply chain campaign, hit 37 malicious wheels across 19 packages.
martedì 9 giugno 2026·securityweek.com
Over 100 NPM, PyPI Packages Hit in New Shai-Hulud Supply Chain Attacks
Over 100 NPM and PyPI packages were injected with malicious code in the Miasma and Hades Shai-Hulud supply chain attack variants.