Tag: pypi
-
Solana FakeFix Campaign Plants Malicious npm, PyPI Packages to Steal Dev Secrets
Recent disclosure of the “Solana FakeFix” campaign exposes a coordinated supply-chain attack that abused package registries to steal developer secrets. The campaign comprises 16 malicious npm packages and 4 PyPI packages (25 packages in total when combined with related activity) that impersonated Solana tooling, lodged typosquatted names, and used install- and import-time execution to harvest…
-
Prompt injection still drives most agentic AI security failures in production
A backdoor sat on PyPI for three hours in March 2026. Nearly 47,000 downloads occurred during the window. The compromised package, LiteLLM, serves as the language-model … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/06/11/owasp-prompt-injection-ai-security-failures/
-
Mini Shai-Hulud ‘Hades’ variant affects 23 PyPI package versions
Tags: pypiFirst seen on scworld.com Jump to article: www.scworld.com/news/mini-shai-hulud-hades-variant-affects-23-pypi-package-versions
-
Hades PyPI Attack: 19 Packages Poisoned to Auto-Run Bun Credential Stealer
The Miasma supply chain campaign has sparked a fresh attack wave called Hades, this time involving 37 malicious wheel artifacts across 19 packages in the Python Package Index (PyPI) registry, as the Mini Shai-Hulud-style attacks continue to be refined and splintered to target specific ecosystems.”The compromised releases shipped a *-setup.pth file that attempts to execute…
-
Shai-Hulud Malware Campaign Abuses 23 PyPI Packages in Developer-Focused Attack
A rapidly evolving supply chain campaign dubbed “Shai-Hulud” is targeting developers through malicious Python packages. Researchers have identified 23 newly weaponised PyPI artefacts, expanding the scope of the ongoing Mini Shai-Hulud, Miasma, and Hades malware operations. The latest findings highlight a shift in attacker tradecraft, combining multiple delivery techniques to compromise developer environments, CI/CD pipelines,…
-
New Shai-Hulud attack trojanizes 19 science-focused PyPI packages
Hackers compromised 19 packages on the PyPI, collectively downloaded hundreds of thousands of times, in a new Shai-Hulud supply-chain attack that delivered malware designed to steal developer secrets. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/new-shai-hulud-attack-trojanizes-19-science-focused-pypi-packages/
-
‘Hades’ Campaign Against PyPI Puts New Spin on Shai-Hulud
The latest attacks, which hit 37 PyPI wheels and 19 code packages, show a continued evolution of the persistent software supply chain threat. First seen on darkreading.com Jump to article: www.darkreading.com/application-security/hades-campaign-pypi-shai-hulud
-
34 Malicious Packages Steal Cloud Keys, Wallets, and SSH Credentials
Tags: ai, attack, cloud, credentials, crypto, cyber, data, hacker, malicious, open-source, pypi, supply-chainHackers are actively abusing open-source ecosystems to steal sensitive developer data through a large-scale supply chain attack dubbed “TrapDoor,”. The campaign spans npm, PyPI, and Crates.io, leveraging 34 malicious packages and 384 versions to target developers working in cryptocurrency, DeFi, AI, and cloud environments. The attackers weaponized legitimate package installation and build mechanisms to silently…
-
SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 99
Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Malware Newsletter Ghost CMS Mass Compromised via CVE-2026-26980, Now Fueling ClickFix Attacks TrapDoor Crypto Stealer Supply Chain Attack Hits 34 Packages and Hundreds of Versions Across npm, PyPI, and Crates.io RemotePE: The Lazarus RAT that lives…
-
TrapDoor Supply Chain Attack Spreads Credential-Stealing Malware via npm, PyPI, and CratesIO
A new coordinated cross-ecosystem software supply chain attack campaign has targeted npm, PyPI, and Crates.io to distribute credential-stealing malware.The campaign, codenamed TrapDoor, spans more than 34 malicious packages across over 384 versions. The earliest activity was recorded on May 22, 2026, at 8:20 p.m. UTC, with new packages published to the ecosystems in waves from…
-
Hackers Compromise 34 npm, PyPI, and Crates Packages in Major Supply Chain Attack
Hackers have launched a large-scale software supply chain attack targeting developers across npm, PyPI, and Crates.io, compromising at least 34 open-source packages and hundreds of associated versions. Security researchers at Socket are tracking the campaign as “TrapDoor,” a crypto-focused credential stealer designed to infiltrate developer environments and exfiltrate sensitive data. Cross-Ecosystem Supply Chain Attack The…
-
Hackers Compromise 34 npm, PyPI, and Crates Packages in Major Supply Chain Attack
Hackers have launched a large-scale software supply chain attack targeting developers across npm, PyPI, and Crates.io, compromising at least 34 open-source packages and hundreds of associated versions. Security researchers at Socket are tracking the campaign as “TrapDoor,” a crypto-focused credential stealer designed to infiltrate developer environments and exfiltrate sensitive data. Cross-Ecosystem Supply Chain Attack The…
-
Microsoft DurableTask Python Client Targeted in TeamPCP Cyberattack
The ongoing TeamPCP software supply chain campaign has compromised the official Microsoft DurableTask Python client, a widely used package for orchestrating workflows in Python applications. Three versions of the durabletask package on PyPI, 1.4.1, 1.4.2, and 1.4.3, were identified as malicious and subsequently quarantined by PyPI after analysis by Wiz researchers. This incident highlights how attackers are…
-
Developer Workstations Are Now Part of the Software Supply Chain
Supply chain attackers are not only trying to slip malicious code into trusted software. They are trying to steal the access that makes trusted software possible. Recently, three separate campaigns hit npm, PyPI, and Docker Hub in a 48-hour window, and all three targeted secrets from developer environments and CI/CD pipelines, including API keys, cloud…
-
OpenAI asks macOS users to update after TanStack npm supply chain attack
The actions are being taken in light of an expanding supply chain campaign impacting the popular open-source library TanStack and additional npm and PyPI packages tied to several AI companies. First seen on therecord.media Jump to article: therecord.media/openai-asks-macos-users-to-update-tanstack-npm
-
OpenAI confirms security breach in TanStack supply chain attack
OpenAI says two employees’ devices were breached in the recent TanStack supply chain attack that impacted hundreds of npm and PyPI packages, causing the company to rotate code-signing certificates for its applications as a precaution. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/openai-confirms-security-breach-in-tanstack-supply-chain-attack/
-
TeamPCP Claims Sale of Mistral AI Repositories Amid Mini Shai-Hulud Attack (Updated)
TeamPCP claims to be selling alleged Mistral AI repositories on a hacker forum after the Mini Shai-Hulud attack targeted npm and PyPI ecosystems. First seen on hackread.com Jump to article: hackread.com/teampcp-mistral-ai-repositories-mini-shai-hulud-attack/
-
170 npm Packages Hijacked to Steal GitHub, AWS Kubernetes Secrets
Hackers have launched a large-scale supply chain attack by compromising more than 170 npm packages and two PyPI libraries, collectively downloaded over 200 million times weekly, to steal sensitive developer and cloud credentials. The malicious npm packages contain a hidden preinstall script that silently executes during installation. This script deploys a loader, which downloads a…
-
Mini Shai-Hulud Hits TanStack npm Packages
Tags: pypiMini Shai-Hulud compromises TanStack npm packages and spreads across PyPI First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/mini-shai-hulud-tanstack-npm/
-
Supply-Chain-Angriff: Hunderte von NPM- und PyPI-Paketen kompromittiert
Die Hackergruppe TeamPCP gräbt sich erneut durch unzählige NPM- und Python-Pakete und verbreitet Schadcode, der vor allem Zugangsdaten sammelt. First seen on golem.de Jump to article: www.golem.de/news/supply-chain-angriff-hunderte-von-npm-und-pypi-paketen-kompromittiert-2605-208562.html
-
Mini Shai-Hulud Worm Compromises TanStack, Mistral AI, Guardrails AI & More Packages
TeamPCP, the threat actor behind the recent supply chain attack spree, has been linked to the compromise of the npm and PyPI packages from TanStack, UiPath, Mistral AI, OpenSearch, and Guardrails AI as part of a fresh Mini Shai-Hulud campaign.The affected npm packages have been modified to include an obfuscated JavaScript file (“router_init.js”) that’s designed…
-
Microsoft Warns: MistralAI PyPI Package Compromised with Malware
Mistral’s official Python client on PyPI has been pulled into the ongoing wave of AI supply”‘chain attacks, with Microsoft warning that version 2.4.6 of the mistralai package was backdoored to silently deploy a credential”‘stealing payload on Linux systems. The logic is designed to execute automatically whenever the package is imported, meaning developers simply using the library in…
-
OceanLotus Hijacks PyPI to Deploy >>ZiChatBot<< via Enterprise Chat APIs
The post OceanLotus Hijacks PyPI to Deploy >>ZiChatBot<< via Enterprise Chat APIs appeared first on Daily CyberSecurity. First seen on securityonline.info Jump to article: securityonline.info/oceanlotus-pypi-supply-chain-attack-zichatbot-zulip-c2/
-
PyPI Packages Deliver ZiChatBot Malware via Zulip APIs on Windows and Linux
Cybersecurity researchers have discovered three packages on the Python Package Index (PyPI) repository that are designed to stealthily deliver a previously unknown malware family called ZiChatBot on Windows and Linux systems.”While these wheel packages do implement the features described on their PyPI web pages, their true purpose is to covertly deliver malicious files,” Kaspersky First…
-
Malicious PyTorch Lightning update hits AI supply chain security
A malicious PyTorch Lightning update (v2.6.3) on PyPI spread briefly, stealing credentials and raising major concerns about AI supply chain security. A malicious update of the PyTorch Lightning library exposed developers to credential theft and remote compromise. Attackers uploaded version 2.6.3 to the Python Package Index (PyPI), where it spread among developers before maintainers removed…
-
QLNX Targets Developers in Supply Chain Credential Theft Campaign
QLNX is a newly documented Linux remote access trojan (RAT) that targets the theft on developers’ and DevOps credentials to hijack software supply chains. Recent attacks against popular projects like LiteLLM on PyPI and the Axios npm package have shown how a single compromised maintainer account can be used to push backdoored releases to millions…
-
1,800 Developers Hit in Mini Shai-Hulud Supply Chain Attack Across PyPI, NPM, and PHP
What happened A supply chain attack campaign attributed to TeamPCP, dubbed Mini Shai-Hulud, has compromised packages across the PyPI, NPM, and PHP ecosystems over a two-day period, affecting over 1,800 developer repositories containing stolen credentials. The campaign was first identified on April 29 when malicious versions of four SAP NPM packages were caught delivering information-stealing…The…
-
PyTorch Lightning Compromised in PyPI Supply Chain Attack to Steal Credentials
In yet another software supply chain attack, threat actors have managed to compromise the popular Python package Lightning to push two malicious versions to conduct credential theft.According to Aikido Security, Socket, and StepSecurity, the two malicious versions are versions 2.6.2 and 2.6.3, both of which were published on April 30, 2026. The campaign is assessed…
-
PyTorch Lightning Compromised in PyPI Supply Chain Attack to Steal Credentials
In yet another software supply chain attack, threat actors have managed to compromise the popular Python package Lightning to push two malicious versions to conduct credential theft.According to Aikido Security, Socket, and StepSecurity, the two malicious versions are versions 2.6.2 and 2.6.3, both of which were published on April 30, 2026. The campaign is assessed…